EXPLOITDB-EDB-42402

EXPLOITDB ruby WORKING POC

Exploit for CVE-2016-9349 - Advantech SUISAccess Server <3.0 - Info Disclosure

AI Analysis

This Ruby script exploits CVE-2026-9351 in Advantech SUSIAccess by leveraging directory traversal to extract credentials from log files, then uploading a malicious ZIP file to achieve arbitrary file write and potential remote code execution.

Attack Type

RCE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application T1003 - OS Credential Dumping

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform jsp

Language ruby

Files 1

https://www.exploit-db.com/exploits/42402

Authors

James Fitts

Vulnerability

CVE-2016-9349

Advantech SUISAccess Server <3.0 - Info Disclosure

HIGH

CVSS 7.5