CVE-2012-10024
Published 2025-08-05
Priority P3 (49) · high · CVSS 4.0 base score 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 1.06% (60.3rd percentile)
XBMC version 11.0 contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authenticated users to request files outside the intended document root. An attacker can exploit this flaw to read arbitrary files from the host filesystem, including sensitive configuration or credential files.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xbmc | media_center | <= 11.0 | — |
Detection & IOCs (extracted from sources)
Source: https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/xbmc_traversal.rb
- Monitor HTTP requests to XBMC's embedded HTTP server containing path traversal sequences (e.g., '../') in the URI, which may indicate exploitation attempts to read files outside the document root.
- Alert on HTTP Basic Authentication attempts to XBMC's HTTP server followed by URI requests containing directory traversal patterns, as exploitation requires authentication.
- Flag file retrieval attempts via XBMC HTTP server targeting sensitive files (e.g., credential or configuration files) using traversal paths, as the module is limited to file retrieval.
- Exploitation requires valid HTTP Basic Authentication credentials; unauthenticated attackers cannot directly exploit this traversal vulnerability.
- The vulnerability affects only XBMC version 11 up to and including the 2012-11-04 nightly build; later builds are not confirmed vulnerable.
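The detection ideas above, turned into an added example (not code from the page's sources or from XBMC): a Python scanner over constructed access-log lines that percent-decodes each URI (double encoding included), flags any '..' segment, and rates a hit higher when the request was authenticated and served, which is the combination this bug needs. The Common Log Format layout and the file names in SENSITIVE are assumptions.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Common Log Format (not real traffic); the third
# field is the Basic Auth user, '-' when the request was not authenticated.
SAMPLE_LOG = """\
10.0.0.5 - - [04/Nov/2012:10:11:58 +0000] "GET /index.html HTTP/1.1" 401 0
10.0.0.5 - xbmc [04/Nov/2012:10:12:01 +0000] "GET /..%2f..%2f..%2fetc/passwd HTTP/1.1" 200 1042
10.0.0.5 - xbmc [04/Nov/2012:10:12:03 +0000] "GET /%252e%252e/%252e%252e/root/.ssh/id_rsa HTTP/1.1" 200 1675
10.0.0.7 - - [04/Nov/2012:10:13:10 +0000] "GET /../../../etc/shadow HTTP/1.1" 401 0
10.0.0.9 - xbmc [04/Nov/2012:10:14:00 +0000] "GET /images/logo.png HTTP/1.1" 200 5120
"""

CLF_RE = re.compile(r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" (?P<status>\d{3})')
SENSITIVE = ("/etc/passwd", "/etc/shadow", ".ssh/", "passwords.xml", "sources.xml")  # assumed watch list

def decode_path(uri: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable (catches double encoding), drop the query, normalise backslashes."""
    path = uri.split("?", 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")

def has_traversal(path: str) -> bool:
    """True only if a whole segment is '..' (so '/images/..png' is not a hit)."""
    return any(seg == ".." for seg in path.split("/"))

def scan_log(text: str) -> list[dict]:
    """Return one finding per traversal request, rated by auth state and response code."""
    findings = []
    for line in text.splitlines():
        m = CLF_RE.match(line)
        if not m:
            continue
        path = decode_path(m["uri"])
        if not has_traversal(path):
            continue
        authenticated = m["user"] != "-"
        served = m["status"] == "200"
        findings.append({
            "ip": m["ip"], "user": m["user"], "path": path,
            "authenticated": authenticated, "served": served,
            "sensitive": any(s in path for s in SENSITIVE),
            # only an authenticated request that got a 200 is a likely successful read
            "severity": "high" if authenticated and served else "low",
        })
    return findings
```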
VulDB
XBMC Media Center up to 11.0 path traversal (EUVD-2012-6581)
vuldb · 2026-05-26 · CVSS 7.1
CVE-2012-10024 [HIGH] XBMC Media Center up to 11.0 path traversal (EUVD-2012-6581)
A vulnerability was found in XBMC Media Center up to 11.0. It has been declared as critical. This affects an unknown part. The manipulation results in path traversal.
This vulnerability is known as CVE-2012-10024. It is possible to launch the attack remotely. No exploit is available.
It is best practice to apply a patch to resolve this issue.
GHSA
GHSA-4754-xhrr-vjvp: XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal vulnerability in its embedded HTTP server
ghsa_unreviewed · 2025-08-05
CVE-2012-10024 [HIGH] CWE-22 GHSA-4754-xhrr-vjvp: XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal vulnerability in its embedded HTTP server
XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authenticated users to request files outside the intended document root. An attacker can exploit this flaw to read arbitrary files from the host filesystem, including sensitive configuration or credential files.
No detection rules found.
No writeups or analysis indexed.
References
- https://github.com/xbmc/xbmc
- https://github.com/xbmc/xbmc/commit/bdff099c024521941cb0956fe01d99ab52a65335
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/gather/xbmc_traversal.rb
- https://www.ioactive.com/wp-content/uploads/pdfs/Security_Advisory_XBMC.pdf
- https://www.vulncheck.com/advisories/xbmc-web-server-path-traversal
Published: 2025-08-05