EXPLOITDB-EDB-48427

EXPLOITDB text WORKING POC

Exploit for CVE-2020-37078 - i-doit Open Source CMDB 1.14.1 - File Deletion

AI Analysis

This exploit demonstrates an arbitrary file deletion vulnerability in i-doit Open Source CMDB 1.14.1 via the 'delete_import' parameter in the Import Module. The PoC shows a POST request that can delete any file on the server by specifying the filename in the 'delete_import' parameter.

Attack Type

other

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1070.004 - File Deletion

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language text

Files 1

https://www.exploit-db.com/exploits/48427

Authors

Besim İsmail BOZKURT Besim ALTINOK

Vulnerability

CVE-2020-37078

i-doit Open Source CMDB 1.14.1 - File Deletion

HIGH

CVSS 8.8