CVE-2012-4940
published 2012-10-31


Priority: P273 · medium · 6.4 (CVSS 2.0)
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
ITW exploit: VulnCheck KEV (exploited in the wild)
EPSS: 83.63% (99.7th percentile)
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.

Detection & IOCs (extracted from sources)

path: source/loggin/page_log_dwn_file.hsp
  • Detect directory traversal attempts targeting the fileName parameter in requests to the Axigen WebAdmin log viewer. Look for '..\' sequences in the fileName parameter on both the default URI (page=vlf) and /source/loggin/page_log_dwn_file.hsp.
  • Successful exploitation of the file read path will return Windows win.ini content; match response body for the strings 'bit app support', 'fonts', and 'extensions' together as a confirmation of arbitrary file read.
  • The vulnerability is exploitable without authentication (Au:N) and is known to work on Windows platforms where the process runs with SYSTEM privileges, making file reads of sensitive OS files (e.g., win.ini) a reliable indicator.
  • Exploitation has been confirmed on Windows platforms (Axigen 8.10 on Windows 2003 SP2); traversal behavior on non-Windows deployments is unconfirmed.
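The detection bullets above can be turned into a log-side check. The following is an added example (not cvebase's or Axigen's code) that scans constructed web-server access-log lines for traversal sequences in the fileName parameter on the two request surfaces the entry names (the download URI and the default URI with page=vlf), undoing percent-encoding a few rounds so double-encoded `..` is not missed, and separately applies the response-body confirmation (all three win.ini marker strings present). The sample log lines and the three-round decode limit are assumptions for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request surfaces named in the CVE entry.
LOG_DOWNLOAD_PATH = "/source/loggin/page_log_dwn_file.hsp"
DEFAULT_URI_PAGE = "vlf"  # ?page=vlf is the View Log Files page
# Response-side confirmation strings from the detection notes.
WIN_INI_MARKERS = ("bit app support", "fonts", "extensions")

# Constructed common-log-format lines for the example; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [31/Oct/2012:10:00:01 +0000] "GET /source/loggin/page_log_dwn_file.hsp?action=download&fileName=..%5C..%5C..%5Cwindows%5Cwin.ini HTTP/1.1" 200 512
10.0.0.6 - - [31/Oct/2012:10:00:02 +0000] "GET /?page=vlf&action=edit&fileName=%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 200 0
10.0.0.7 - - [31/Oct/2012:10:00:03 +0000] "GET /?page=vlf&action=delete&fileName=default.log HTTP/1.1" 200 0
10.0.0.8 - - [31/Oct/2012:10:00:04 +0000] "GET /?page=inbox&fileName=../../x HTTP/1.1" 200 0
10.0.0.9 - - [31/Oct/2012:10:00:05 +0000] "GET /static/app.js HTTP/1.1" 200 1200
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# ".." followed by a forward or back slash, after decoding.
DOTDOT_RE = re.compile(r"\.\.[\\/]")


def decode_fully(value, rounds=3):
    """Percent-decode repeatedly to undo double encoding (assumed limit: 3 rounds)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def traversal_in_log_viewer(target):
    """Return the decoded fileName if the request hits the log viewer
    (download URI or page=vlf) with a traversal sequence, else None."""
    parts = urlsplit(target)
    params = parse_qs(parts.query, keep_blank_values=True)
    on_download_uri = parts.path.lower() == LOG_DOWNLOAD_PATH
    on_viewer_page = DEFAULT_URI_PAGE in [p.lower() for p in params.get("page", [])]
    if not (on_download_uri or on_viewer_page):
        return None
    for raw in params.get("fileName", []):  # parse_qs already decoded once
        name = decode_fully(raw)
        if DOTDOT_RE.search(name):
            return name
    return None


def scan_access_log(text):
    """Return (client_ip, decoded_fileName) for every flagged request line."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        bad = traversal_in_log_viewer(m.group("target"))
        if bad is not None:
            hits.append((line.split(" ", 1)[0], bad))
    return hits


def looks_like_win_ini(body):
    """Response-side confirmation: all three marker strings present together."""
    lower = body.lower()
    return all(marker in lower for marker in WIN_INI_MARKERS)


if __name__ == "__main__":
    for ip, name in scan_access_log(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: fileName={name!r}")
```

Only the first two sample lines are flagged: the third is a legitimate delete of a log file name, and the fourth carries `..` but is outside the log-viewer surfaces the entry describes. Pairing a request hit with `looks_like_win_ini` on the captured response body distinguishes a probe from a confirmed arbitrary file read, as the detection notes suggest.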

CVSS provenance

nvd · v2.0 · 6.4 MEDIUM · AV:N/AC:L/Au:N/C:P/I:P/A:N
vulncheck · 6.4 MEDIUM