CVE-2020-15050
published 2020-07-13


Priority: P2 (70, high)
CVSS 3.1: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Exploit: public exploit available
EPSS: 50.73% (98.8th percentile)
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.

Affected (1 range)

Vendor: supremainc
Product: biostar_2
Version range: < 2.8.2
Fixed in: 2.8.2

Detection & IOCs

Path: /../../../../../../../../../../../../windows/win.ini
Command: curl -X GET --path-as-is -k ${args[0]}${args[1]}
  • Detect exploitation attempts by matching HTTP GET requests whose URL path contains an excessive run of traversal sequences (../../../../) ending in a Windows system file such as win.ini. The PoC sends the path unnormalized (curl --path-as-is), so match on the raw request path as received, before any server-side normalization.
  • Match the HTTP response body for the strings 'bit app support', 'fonts' and 'extensions' together: these are win.ini section markers ('; for 16-bit app support', '[fonts]', '[extensions]') and confirm a successful file read rather than a mere attempt.
  • The vulnerability is in the Video Extension component of BioStar 2, not the core product, so scope detection to the endpoints served by that extension.
  • The exploit was tested on Windows targets only; the traversal payload targets a Windows-specific path (win.ini). Linux-hosted deployments would need different target paths and different response markers, so a Windows-only rule may miss them.
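The two detection rules above, run over sample access-log lines and a sample response body, as an added example (not code from the page, the PoC, or Suprema). The log lines, the `/api/video/` endpoint prefix and the win.ini contents are constructed for illustration; the only real win.ini strings are the section markers the page names. The request rule goes slightly beyond the page's IOC: besides the raw `../` the PoC sends, it URL-decodes the path (twice, to catch double encoding) and accepts a few other Windows proof-of-read targets, which is an assumption about attacker variants rather than something the page states.

```python
from __future__ import annotations

import re
from urllib.parse import unquote

# Constructed combined-format access-log lines (not from the page). The
# first two are traversal attempts against a hypothetical Video Extension
# endpoint (/api/video/ is an assumed prefix); the last two are benign.
SAMPLE_LOG = """\
10.0.0.5 - - [13/Jul/2020:10:01:02 +0000] "GET /api/video/../../../../../../../../../../../../windows/win.ini HTTP/1.1" 200 412 "-" "curl/7.68.0"
10.0.0.7 - - [13/Jul/2020:10:01:09 +0000] "GET /api/video/..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini HTTP/1.1" 200 412 "-" "python-requests/2.24"
10.0.0.9 - - [13/Jul/2020:10:02:11 +0000] "GET /api/video/stream?id=12 HTTP/1.1" 200 9031 "-" "Mozilla/5.0"
10.0.0.9 - - [13/Jul/2020:10:02:15 +0000] "GET /static/../img/logo.png HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
"""

# Constructed response bodies: a default-looking win.ini and an unrelated page.
SAMPLE_WIN_INI = """\
; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
"""
SAMPLE_HTML = "<html><body>Video Extension</body></html>"

# Request line inside a combined-format log entry: method, path, status.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# "Excessive" traversal: four or more consecutive ../ segments after normalization.
TRAVERSAL_RE = re.compile(r"(?:\.\./){4,}")

# Windows files commonly requested as proof of arbitrary read. win.ini is the
# page's IOC; the other two are assumed attacker variants.
WINDOWS_TARGETS = ("windows/win.ini", "windows/system.ini",
                   "windows/system32/drivers/etc/hosts")

# win.ini section markers named by the page; all three must appear.
WIN_INI_MARKERS = ("bit app support", "fonts", "extensions")


def normalize_path(path: str) -> str:
    """URL-decode twice (double encoding), fold backslashes to '/', lowercase."""
    decoded = unquote(unquote(path))
    return decoded.replace("\\", "/").lower()


def is_traversal_attempt(method: str, path: str) -> bool:
    """Rule 1: GET with >= 4 consecutive '../' ending in a Windows system file."""
    if method != "GET":
        return False
    norm = normalize_path(path)
    if not TRAVERSAL_RE.search(norm):
        return False
    return any(norm.endswith(target) for target in WINDOWS_TARGETS)


def looks_like_win_ini(body: str) -> bool:
    """Rule 2: response body carries all three win.ini markers at once."""
    lower = body.lower()
    return all(marker in lower for marker in WIN_INI_MARKERS)


def scan_access_log(log_text: str) -> list[dict]:
    """Return one alert per request line that matches rule 1."""
    alerts = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        if is_traversal_attempt(m["method"], m["path"]):
            alerts.append({
                "src": line.split()[0],
                "path": m["path"],
                "status": int(m["status"]),
                "note": "traversal to Windows system file",
            })
    return alerts


if __name__ == "__main__":
    for alert in scan_access_log(SAMPLE_LOG):
        print(f"{alert['src']} status={alert['status']} {alert['path']}")
    print("win.ini read confirmed:", looks_like_win_ini(SAMPLE_WIN_INI))
```

The request rule deliberately keys on the path as logged, not on the server's resolved path; a traversal that the server normalizes away still shows the attempt, and a 200 with a body that passes rule 2 is what turns an attempt into a confirmed read.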

CVSS provenance

NVD v3.1: 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
NVD v2.0: 5.0 MEDIUM, AV:N/AC:L/Au:N/C:P/I:N/A:N