CVE-1999-0268
MetaInfo MetaWeb - Unauthenticated Arbitrary File Upload and Remote Code Execution
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-1999-0268. PoCs published by Jeff Forristal.
AI-analyzed exploit summary This is a detailed technical analysis of a directory traversal vulnerability in MetaInfo's MetaWeb server, allowing unauthorized file access and command execution on NT systems. It includes root cause analysis, exploit mechanics, and impact assessment.
Description
MetaInfo MetaWeb web server allows users to upload, execute, and read scripts.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Jeff Forristal · textremotemultiple
https://www.exploit-db.com/exploits/19084
This is a detailed technical analysis of a directory traversal vulnerability in MetaInfo's MetaWeb server, allowing unauthorized file access and command execution on NT systems. It includes root cause analysis, exploit mechanics, and impact assessment.
Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
MetaInfo MetaWeb Server (bundled with MetaIP 3.1, Sendmail 2.0 & 2.5)
No auth needed
Prerequisites:
Network access to the MetaWeb server port (default 5000) · Knowledge of target file paths
mistral-large-3 · analyzed Feb 18, 2026
Full analysis →
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/110
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/3969
Scores
EPSS
0.0592
EPSS Percentile
92.4%
Details
Status
published
Products (1)
metainfo/metaweb
Published
Jan 01, 1999
Tracked Since
Feb 18, 2026