CVE-2007-6499

Hosting Controller < 6.1_hotfix_3.3 - Authenticated FrontPage Extensions Uninstallation via fp2002/UNINSTAL.asp

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6499. PoCs published by BugReport.IR.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Hosting Controller 6.1 Hot fix <= 3.3, including authentication bypass, privilege escalation, and arbitrary file upload leading to remote code execution. It provides detailed steps and HTML/JS PoC code for exploiting these flaws.

Description

Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to uninstall the FrontPage extensions of an arbitrary account via a request to fp2002/UNINSTAL.asp with a "host id (IIS) value."

Exploits (1)

exploitdb WORKING POC VERIFIED

by BugReport.IR · textwebappsasp

https://www.exploit-db.com/exploits/4730

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in Hosting Controller 6.1 Hot fix <= 3.3, including authentication bypass, privilege escalation, and arbitrary file upload leading to remote code execution. It provides detailed steps and HTML/JS PoC code for exploiting these flaws.

Classification

Working Poc 95%

Attack Type

Rce | Auth Bypass | Sqli | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Hosting Controller 6.1 Hot fix <= 3.3

No auth needed

Prerequisites: Access to the target Hosting Controller web interface

MITRE ATT&CK