CVE-2018-19753
published 2018-12-05

CVE-2018-19753: Tarantella Enterprise before 3.11 allows Directory Traversal.

Priority: P2 (62, high)
CVSS 3.0: 7.5 (AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N)
Flags: EXPLOIT
EPSS: 16.56% (96.6th percentile)
Tarantella Enterprise before 3.11 allows Directory Traversal.

Affected (1 range)

Vendor   Product                Version range   Fixed in
oracle   tarantella_enterprise  < 3.11          3.11

Detection & IOCs (extracted from sources)

URL:  /tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd
Path: /tarantella/cgi-bin/secure/ttawlogin.cgi
  • Send a GET request to the ttawlogin.cgi endpoint with the 'pg' parameter set to a path traversal payload targeting /etc/passwd. A successful exploitation returns HTTP 200 with content matching 'root:[x*]:0:0'.
  • Match response body for Unix /etc/passwd root entry pattern to confirm successful local file inclusion.
  • Vulnerability is exploitable without authentication (PR:N, UI:N) via a network-accessible GET request.
  • Vulnerability affects Tarantella Enterprise versions prior to 3.11 only.

CVSS provenance

Source   Version   Score   Severity   Vector
nvd      v3.0      7.5     HIGH       CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd      v2.0      5.0     MEDIUM     AV:N/AC:L/Au:N/C:P/I:N/A:N