CVE-2014-5301
published 2017-08-28CVE-2014-5301: Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4.
PriorityP272high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EXPLOIT
EPSS
78.38%
99.5th percentile
Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4.
Detection & IOCsextracted from sources · hover to see the quote
- ·Authentication is required to exploit this vulnerability; the module attempts default credentials but can also accept a pre-authenticated session cookie, meaning compromised or weak credentials are a prerequisite. ↗
- ·Only ServiceDesk v9 build 9031 and above was patched at time of module release; AssetExplorer, SupportCenter, and IT360 remained unpatched. ↗
- ·For IT360 targets, the ServiceDesk component typically runs on port 8400, not the default 8080; defenders should ensure monitoring covers both ports. ↗
- ·The exploit is effective on both Windows and Linux deployments, so platform-specific defenses alone are insufficient. ↗
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
ManageEngine (Multiple Products) - (Authenticated) Arbitrary File Upload (Metasploit)
exploitdb·2015-01-20
CVE-2014-5301 ManageEngine (Multiple Products) - (Authenticated) Arbitrary File Upload (Metasploit)
ManageEngine (Multiple Products) - (Authenticated) Arbitrary File Upload (Metasploit)
---
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 'ManageEngine Multiple Products Authenticated File Upload',
'Description' => %q{
This module exploits a directory traversal vulnerability in ManageEngine ServiceDesk,
AssetExplorer, SupportCenter and IT360 when uploading attachment files. The JSP that accepts
the upload does not handle correctly '../' sequences, which can be abused to write
in the file system. Authentication is needed to exploit this vulnerability, but this module
will attempt to login using the default credentials for the administrator and guest
accounts. Alt
Metasploit
ManageEngine Multiple Products Authenticated File Upload
metasploit
ManageEngine Multiple Products Authenticated File Upload
ManageEngine Multiple Products Authenticated File Upload
This module exploits a directory traversal vulnerability in ManageEngine ServiceDesk, AssetExplorer, SupportCenter and IT360 when uploading attachment files. The JSP that accepts the upload does not handle correctly '../' sequences, which can be abused to write to the file system. Authentication is needed to exploit this vulnerability, but this module will attempt to login using the default credentials for the administrator and guest accounts. Alternatively, you can provide a pre-authenticated cookie or a username / password. For IT360 targets, enter the RPORT of the ServiceDesk instance (usually 8400). All versions of ServiceDesk prior v9 build 9031 (including MSP but excluding v4), AssetExplorer, SupportCenter and IT360 (including
No writeups or analysis indexed.
http://packetstormsecurity.com/files/129806/ManageEngine-Shell-Upload-Directory-Traversal.htmlhttp://packetstormsecurity.com/files/130020/ManageEngine-Multiple-Products-Authenticated-File-Upload.htmlhttp://seclists.org/fulldisclosure/2015/Jan/5http://secunia.com/advisories/62105http://www.securityfocus.com/archive/1/534377/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/99610https://www.exploit-db.com/exploits/35845/http://packetstormsecurity.com/files/129806/ManageEngine-Shell-Upload-Directory-Traversal.htmlhttp://packetstormsecurity.com/files/130020/ManageEngine-Multiple-Products-Authenticated-File-Upload.htmlhttp://seclists.org/fulldisclosure/2015/Jan/5http://secunia.com/advisories/62105http://www.securityfocus.com/archive/1/534377/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/99610https://www.exploit-db.com/exploits/35845/
2017-08-28
Published