CVE-2018-7719
published 2018-03-25

CVE-2018-7719: Acrolinx Server before 5.2.5 on Windows allows Directory Traversal.

Priority: P2 · 66 · high
CVSS 3.0: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EXPLOIT
EPSS: 46.31% (98.7th percentile)

Affected (1 range)

Vendor   | Product         | Version range | Fixed in
acrolinx | acrolinx_server | < 5.2.5       | 5.2.5

Detection & IOCs (extracted from sources)

url: /..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows\win.ini
url: http://localhost/..\..\..\..\..\..\..\..\..\..\..\..\..\..\windows\win.ini
  • Detect directory traversal attempts using mixed forward/backslash sequences (/..\ patterns) in HTTP GET requests targeting Windows file paths such as win.ini.
  • Confirm successful exploitation by checking HTTP response body for all three strings: 'bit app support', 'fonts', and 'extensions' (contents of windows\win.ini).
  • The traversal payload uses backslash characters after the initial forward slash, characteristic of Windows-targeted path traversal on the Acrolinx Server dashboard endpoint.
  • The exploit requires sending a raw HTTP request with unsafe characters (backslashes in the URL path); standard HTTP clients may normalize or reject the payload before it reaches the server.
  • The vulnerability is Windows-specific; the traversal relies on Windows path separator handling and targets Windows system files.
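The detection notes above describe the pattern in words; the following Python is an added example (not code from the page or from the Acrolinx project) showing how a defender would apply them to web-server access logs. It percent-decodes each request path, treats backslashes as path separators so Windows-style `..\` segments are counted, flags paths that walk upward toward known Windows system files, and includes the response-body triage check for the three win.ini marker strings listed in the IOCs. The log lines are constructed sample input, the target list is illustrative, and all function names are this example's own.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not from the page). Lines 2 and 3
# carry the mixed forward/backslash traversal pattern, the third one
# percent-encoded so that only decoding reveals it.
SAMPLE_LOG_LINES = [
    '10.0.0.5 - - [25/Mar/2018:10:00:01 +0000] "GET /dashboard/index.html HTTP/1.1" 200 512',
    '10.0.0.9 - - [25/Mar/2018:10:00:02 +0000] "GET /..\\..\\..\\..\\windows\\win.ini HTTP/1.1" 200 403',
    '10.0.0.9 - - [25/Mar/2018:10:00:03 +0000] "GET /%2e%2e%5c%2e%2e%5cwindows%5cwin.ini HTTP/1.1" 200 403',
    '10.0.0.7 - - [25/Mar/2018:10:00:04 +0000] "GET /static/css/app.css HTTP/1.1" 200 2048',
]

# Pulls method and raw path out of a combined-log-format request line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/\d\.\d"')

# Illustrative list of Windows files that traversal probes commonly read;
# extend it for your environment (assumption, not from the page).
SENSITIVE_TARGETS = ("windows/win.ini", "windows/system.ini", "boot.ini")

# Marker strings from the page's IOCs: all three appear in windows\win.ini.
WIN_INI_MARKERS = ("bit app support", "fonts", "extensions")


def normalize_path(raw_path):
    """Percent-decode twice (to catch double encoding), then fold backslashes
    into forward slashes so Windows separators cannot hide '..' segments."""
    decoded = unquote(unquote(raw_path))
    return decoded.replace("\\", "/").lower()


def analyze_request_path(raw_path):
    """Return a verdict dict for one raw request path."""
    decoded = unquote(unquote(raw_path))
    norm = normalize_path(raw_path)
    hops = sum(1 for seg in norm.split("/") if seg == "..")
    # The page's pattern: a leading forward slash followed by backslash segments.
    mixed = raw_path.startswith("/") and "\\" in decoded
    target = next((t for t in SENSITIVE_TARGETS if norm.endswith(t)), None)
    return {
        "traversal": hops > 0,
        "hops": hops,
        "mixed_separators": mixed,
        "target": target,
    }


def scan_log(lines):
    """Run the path check over log lines; return findings for traversal attempts."""
    findings = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        verdict = analyze_request_path(match.group("path"))
        if verdict["traversal"]:
            findings.append({"line": line, **verdict})
    return findings


def response_leaks_win_ini(body):
    """Triage helper: True only when all three win.ini marker strings appear,
    which is the success condition the page's detection notes describe."""
    lowered = body.lower()
    return all(marker in lowered for marker in WIN_INI_MARKERS)


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG_LINES):
        print(f"{hit['hops']} hops, mixed={hit['mixed_separators']}, "
              f"target={hit['target']}: {hit['line']}")
```

Decoding before separator folding matters: a WAF or log rule that only looks for the literal `/..\` sequence misses the percent-encoded form, while a rule that counts `..` segments after normalization catches both. Pair the request-side check with the response-body check when triaging, since a 200 with the three marker strings distinguishes a successful read from a blocked probe.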

CVSS provenance

nvd · v3.0 · 7.5 HIGH · CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd · v2.0 · 5.0 MEDIUM · AV:N/AC:L/Au:N/C:P/I:N/A:N