CVE-2023-7327
Published 2025-11-12
Priority P2 · 66 · high · 8.7 (CVSS 4.0)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 1.96% (77.8th percentile)
Ozeki SMS Gateway versions up to and including 10.3.208 contain a path traversal vulnerability. Successful exploitation allows an unauthenticated attacker to use URL-encoded traversal sequences to read arbitrary files from the underlying filesystem with the privileges of the gateway service, leading to disclosure of sensitive information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ozeki_ltd | ozeki_sms_gateway | <= 10.3.208 | — |
Detection & IOCs
URL: https://ozeki-sms-gateway.com/attachments/702/installwindows_1689352737_OzekiSMSGateway_10.3.208.zip
- Detect path traversal attempts using double URL-encoded sequences (%252f) targeting Ozeki SMS Gateway; look for GET requests containing '..%252f' repeated sequences in the URL path.
- Successful exploitation returns HTTP 200 with Content-Type 'application/octet-stream' and body containing both 'Mail' and 'files' strings (win.ini content indicators).
- The vulnerability is unauthenticated: no session or credentials are required to trigger the file read; monitor for traversal patterns on Ozeki SMS Gateway endpoints without authentication headers.
- Vulnerability affects Ozeki SMS Gateway versions up to and including 10.3.208 only; later versions may not be affected.
- The proof-of-concept targets a Windows host (reads windows/win.ini); detection signatures relying on win.ini body content will not fire against Linux deployments, so adjust the target file accordingly.
- The traversal uses double URL-encoding (%252f for /); WAFs or proxies that only decode a single layer will not normalise the path and may miss or incorrectly block the request.
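The double-encoding caveat above, as an added detection example (not from the original page, the template author, or the vendor): it percent-decodes each logged request target until it stops changing, then flags any that resolve to a `..` path segment, recording how many encoding layers were used. The Common Log Format input, the sample lines and all function names are assumptions.

```python
import re
from urllib.parse import unquote

# Request line and status as they appear in Common/Combined Log Format (assumed format)
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# A ".." that is a whole path segment, with either slash style
TRAVERSAL_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')
MAX_LAYERS = 5  # bound the loop so deeply nested encoding cannot spin it


def decode_layers(target):
    """Percent-decode until the string stops changing; return (decoded, layers)."""
    layers = 0
    while layers < MAX_LAYERS:
        decoded = unquote(target)
        if decoded == target:
            break
        target, layers = decoded, layers + 1
    return target, layers


def inspect_line(line):
    """Return a finding for a log line whose target decodes to a traversal, else None."""
    m = LOG_RE.search(line)
    if not m:
        return None
    decoded, layers = decode_layers(m.group("target"))
    if not TRAVERSAL_RE.search(decoded):
        return None
    return {
        "target": m.group("target"),
        "decoded": decoded,
        "encoding_layers": layers,                   # 2 means double-encoded (%252f)
        "status": int(m.group("status")),
        "triage_first": m.group("status") == "200",  # a 200 response may mean the read succeeded
    }


def scan(lines):
    return [f for f in map(inspect_line, lines) if f]


# Constructed sample log lines (documentation-range addresses), not captured traffic
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Nov/2025:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '203.0.113.9 - - [12/Nov/2025:10:01:05 +0000] "GET /..%252f..%252f..%252fwindows/win.ini HTTP/1.1" 200 92',
    '203.0.113.9 - - [12/Nov/2025:10:01:09 +0000] "GET /..%2f..%2fwindows/win.ini HTTP/1.1" 404 0',
    '203.0.113.4 - - [12/Nov/2025:10:02:00 +0000] "GET /docs/release..notes.txt HTTP/1.1" 200 800',
]
```

Matching on the fully decoded path rather than the literal `..%252f` string also catches single-encoded and mixed-encoding variants that a fixed-string signature would miss.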
No detection rules found.
Nuclei
Ozeki 10 SMS Gateway 10.3.208 - Arbitrary File Read
nuclei·CVSS 8.7
An arbitrary file read vulnerability, also known as a "path traversal" or "directory traversal" vulnerability, occurs when an attacker is able to access files on a system that they shouldn't have access to. This vulnerability arises from improper input validation or insufficient access controls in an application.
Template:
```yaml
id: CVE-2023-7327
info:
  name: Ozeki 10 SMS Gateway 10.3.208 - Arbitrary File Read
  author: r3Y3r53
  severity: high
  description: |
    An arbitrary file read vulnerability, also known as a "path traversal" or "directory traversal" vulnerability, occurs when an attacker is able to access files on a system that they shouldn't have access to. This vulnerability arises from improper input validation or insufficient access cont
```
No writeups or analysis indexed.
2025-11-12: Published