CVE-2006-4490

Cybozu Office < 6.6 Build 1.3 and Share 360 < 2.5 Build 0.3 - Authenticated Directory Traversal via id Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4490. PoCs published by Tan Chew Keong.

AI-analyzed exploit summary This advisory describes a directory traversal vulnerability in Cybozu Office and Cybozu Share 360, allowing authenticated users to retrieve arbitrary files accessible to the web server process via manipulated 'id' parameters in specific scripts.

Description

Multiple directory traversal vulnerabilities in Cybozu Office before 6.6 Build 1.3 and Share 360 before 2.5 Build 0.3 allow remote authenticated users to read arbitrary files via a .. (dot dot) sequence via the id parameter in (1) scripts/cbag/ag.exe or (2) scripts/s360v2/s360.exe.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Tan Chew Keong · textwebappscgi

https://www.exploit-db.com/exploits/2266

View Code ZIP pw:eip

This advisory describes a directory traversal vulnerability in Cybozu Office and Cybozu Share 360, allowing authenticated users to retrieve arbitrary files accessible to the web server process via manipulated 'id' parameters in specific scripts.

Classification

Writeup 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Cybozu Office Version 6.5 (Build 1.2 20050427121735) for Windows, Cybozu Share 360 Version 2.5 (Build 0.2 20050121115231) for Windows

Auth required

Prerequisites: Authenticated access to the vulnerable Cybozu application

MITRE ATT&CK