CVE-2018-7719
Published: 2018-03-25
CVE-2018-7719: Acrolinx Server before 5.2.5 on Windows allows Directory Traversal.
Priority: P2 (66) · Severity: high · CVSS 3.0 base score: 7.5
CVSS 3.0 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploit: public exploit available
EPSS: 46.31% (98.7th percentile)
Affected (1 version range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acrolinx | acrolinx_server | < 5.2.5 | 5.2.5 |
Detection & IOCs (extracted from the sources below)
- Detect directory traversal attempts that use mixed forward-slash/backslash sequences (`/..\` patterns) in HTTP GET requests targeting Windows file paths such as win.ini.
- Confirm successful exploitation by checking the HTTP response body for all three strings 'bit app support', 'fonts', and 'extensions' (section names found in windows\win.ini).
- The traversal payload uses backslash characters after the initial forward slash, which is characteristic of Windows-targeted path traversal against the Acrolinx Server dashboard endpoint.
- The exploit requires sending a raw HTTP request containing unsafe characters (backslashes in the URL path); standard HTTP clients may normalize or reject the payload before it reaches the server.
- The vulnerability is Windows-specific: the traversal relies on Windows path-separator handling and targets Windows system files.
CVSS provenance
- NVD, CVSS v3.0: 7.5 HIGH (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
- NVD, CVSS v2.0: 5.0 MEDIUM (AV:N/AC:L/Au:N/C:P/I:N/A:N)
No detection rules found.
Exploit-DB
Acrolinx Server < 5.2.5 - Directory Traversal (exploitdb, 2018-03-26)
---
# Exploit Title: Acrolinx Dashboard Directory Traversal
# CVE: CVE-2018-7719
# Date: 19.02.2017
# Exploit Author: Berk Dusunur
# Vendor Homepage: www.acrolinx.com
# Version: Before 5.2.5
PoC
The Acrolinx dashboard on Windows works on the server.
http://localhost/..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows\win.ini
http://www.berkdusunur.net/2018/03/tr-en-acrolinx-dashboard-directory.html
Nuclei
Acrolinx Server <5.2.5 - Local File Inclusion (nuclei, severity HIGH, CVSS 7.5)
Acrolinx Server prior to 5.2.5 suffers from a local file inclusion vulnerability.
Template:

```yaml
id: CVE-2018-7719

info:
  name: Acrolinx Server <5.2.5 - Local File Inclusion
  author: 0x_akoko
  severity: high
  description: |
    Acrolinx Server prior to 5.2.5 suffers from a local file inclusion vulnerability.
  impact: |
    Successful exploitation of this vulnerability can result in unauthorized access to sensitive files on the server, potentially leading to further compromise of the system.
  remediation: |
    Upgrade Acrolinx Server to version 5.2.5 or later to mitigate the vulnerability.
  reference:
    - https://packetstormsecurity.com/files/146911/Acrolinx-Server-Directory-Traversal.html
    - https://support.acrolinx.com/hc/en-us/articles/213987685-Acrolinx-Server-Ve
```
No writeups or analysis indexed.
References
- https://support.acrolinx.com/hc/en-us/articles/213987685-Acrolinx-Server-Version-5-1-including-subsequent-service-releases-
- https://www.exploit-db.com/exploits/44345/
Published: 2018-03-25