CVE-2007-6315

BarracudaDrive Web Server <3.8 - DoS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6315.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in BarracudaDrive Web Server, including directory traversal, script source visualization, arbitrary file deletion, NULL pointer crash, and HTML injection. It provides specific HTTP requests to exploit these vulnerabilities.

Description

Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via a HTTP request to /eh/chat.ehintf/C. that does not contain a Connection ID, which results in a NULL pointer dereference.

Exploits (1)

exploitdb WORKING POC

remotewindows

https://www.exploit-db.com/exploits/4713

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in BarracudaDrive Web Server, including directory traversal, script source visualization, arbitrary file deletion, NULL pointer crash, and HTML injection. It provides specific HTTP requests to exploit these vulnerabilities.

Classification

Working Poc 100%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: BarracudaDrive Web Server <= 3.7.2

Auth required

Prerequisites: Network access to the target server · Valid user credentials for certain exploits

MITRE ATT&CK