cbcvebase.
CVE-2015-7603
published 2015-09-29

CVE-2015-7603: Directory traversal vulnerability in Konica Minolta FTP Utility 1.0 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in a RETR…

PriorityP264high7.8CVSS 2.0
AVNACLAuNCCINAN
EXPLOIT
EPSS
60.68%
99.0th percentile
Directory traversal vulnerability in Konica Minolta FTP Utility 1.0 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in a RETR command.

Affected

1 ranges
VendorProductVersion rangeFixed in
konicaminoltaftp_utility

Detection & IOCsextracted from sources · hover to see the quote

urlhttp://download.konicaminolta.hk/bt/driver/mfpu/ftpu/ftpu_10.zip
commandRETR ..\/
commandRETR ..\ (dot dot backslash)
  • Detect FTP RETR commands containing directory traversal sequences ('..\' or '..//') targeting Konica Minolta FTP Utility 1.0
  • Monitor FTP traffic for RETR commands with traversal strings such as '..//' which are the specific payload patterns used by the Metasploit module for this CVE
  • ·Vulnerability is specific to Konica Minolta FTP Utility version 1.0 only; other versions are not confirmed affected
  • ·The Metasploit module is classified as an auxiliary scanner/information disclosure module, meaning exploitation requires no authentication and results in arbitrary file read from the server
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.