CVE-2006-5725

AEP Smartgate SSL Server 4.3b - Directory Existence Disclosure via HTTP Status Code


Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5725. PoCs published by prdelka.

AI-analyzed exploit summary: This exploit leverages a directory traversal vulnerability in AEP Smartgate's SSL server to download arbitrary files. It constructs a malicious HTTP GET request with traversal sequences to access files outside the web root.

Description

The SSL server in AEP Smartgate 4.3b allows remote attackers to determine existence of directories via a direct request for a directory URI, which returns different HTTP status codes for existing and non-existing directories.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by prdelka · c · remote · windows
https://www.exploit-db.com/exploits/2637


Classification
Working PoC: 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: AEP Smartgate V4.3B
No auth needed
Prerequisites: Network access to the target's SSL port (default 443) · OpenSSL library for SSL/TLS communication
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22550
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4224
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2637
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29802

Scores

EPSS: 0.0275
EPSS Percentile: 84.3%

Details

CWE: CWE-200
Status: published
Products (1): aep_networks/smartgate_ssl_server 4.3b
Published: Nov 04, 2006
Tracked Since: Feb 18, 2026