CVE-2006-4681

IBM Director <5.10 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4681. PoCs published by Daniel Clemens.

AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in IBM Director's Redirect.bat CGI script, allowing unauthorized file reads via path traversal sequences. The vulnerability is fixed in version 5.10.

Description

Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the file parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Daniel Clemens · textremotewindows
https://www.exploit-db.com/exploits/2320

The exploit describes a directory traversal vulnerability in IBM Director's Redirect.bat CGI script, allowing unauthorized file reads via path traversal sequences. The vulnerability is fixed in version 5.10.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: IBM Director < 5.10
No auth needed
Prerequisites: Network access to the IBM Director CGI interface
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/28836
Exploit, Patch vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016815
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3532
Exploit, Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/21802
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19898
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2320

Scores

EPSS 0.0358
EPSS Percentile 88.0%

Details

Status published
Products (1)
ibm/director < 3.1
Published Sep 11, 2006
Tracked Since Feb 18, 2026