EXPLOITDB-EDB-42699

EXPLOITDB ruby WORKING POC
Exploit for CVE-2014-0780 - Indusoft Web Studio - Path Traversal
AI Analysis

This Metasploit auxiliary module exploits a directory traversal vulnerability in Indusoft Web Studio <= 7.1 before SP2 Patch 4, allowing unauthorized file downloads from the underlying system. It sends a crafted HTTP GET request with traversal sequences to retrieve files like 'boot.ini'.

Attack Type
info_leak
Complexity
trivial
Reliability
reliable
MITRE ATT&CK
T1006 - Direct Volume Access T1083 - File and Directory Discovery
Loading exploit code...
Download ZIP Password: eip
Source
Platform Exploitdb
Type webapps
Platform windows
Language ruby
Files 1
Authors
James Fitts
Vulnerability
CVE-2014-0780
Indusoft Web Studio - Path Traversal
CRITICAL KEV
CVSS 9.8