cbcvebase.
CVE-2011-3305
published 2011-10-06

CVE-2011-3305: Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to…

PriorityP261high7.8CVSS 2.0
AVNACLAuNCCINAN
EXPLOIT
EPSS
21.59%
97.3th percentile
Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755.

Affected

4 ranges
VendorProductVersion rangeFixed in
cisconac_manager
cisconac_manager
cisconac_manager
cisconetwork_admission_control_manager

Detection & IOCsextracted from sources · hover to see the quote

port443/TCP
  • Directory traversal attack targeting Cisco NAC Manager 4.8.x over TCP port 443; look for path traversal sequences (e.g., '../') in HTTPS requests to the device
  • Exploitation is unauthenticated — no credentials required; flag any unauthenticated traversal attempts reaching the NAC Manager web interface
  • Metasploit auxiliary module exists for this CVE; tune FILE (e.g. passwd or hosts), MAXDIRS, and RPORT parameters when hunting for exploitation attempts in logs
  • Reference Cisco Bug ID CSCtq10755 when correlating vendor advisories or patch status for affected NAC Manager 4.8.x devices
  • ·No workarounds are available; the only mitigation is applying the vendor-supplied software update

CVSS provenance

nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:C/I:N/A:N
vendor_cisco7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.