Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-8741

CWE-22Path Traversal4 documents4 sources
Severity
9.8CRITICAL
EPSS
70.3%
top 1.31%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Lexmark Markvision Enterprise
Timeline
PublishedJan 27
Latest updateMay 17

Description

Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-hj63-272c-h8gw: Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 22022-05-17
CVEList
CVE-2014-8741: Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 22020-01-27

💥Exploits & PoCs

1
Exploit-DB
Lexmark MarkVision Enterprise - Arbitrary File Upload (Metasploit)2015-01-13
CVE-2014-8741 (CRITICAL CVSS 9.8) | Directory traversal vulnerability i | cvebase.io