CVE-2009-1730

NetMechanica NetDecision TFTP Server 4.2 - Path Traversal and Arbitrary File Write via GET or PUT Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2009-1730. PoCs published by Metasploit, Rob Kraus, juan vazquez, including Metasploit module auxiliary/scanner/tftp/netdecision_tftp.

AI-analyzed exploit summary This Metasploit module exploits a directory traversal vulnerability in NetDecision 4.2 TFTP server to upload arbitrary files, achieving remote code execution via a malicious MOF file and executable.

Description

Multiple directory traversal vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 allow remote attackers to read or modify arbitrary files via directory traversal sequences in the (1) GET or (2) PUT command.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/20392

This Metasploit module exploits a directory traversal vulnerability in NetDecision 4.2 TFTP server to upload arbitrary files, achieving remote code execution via a malicious MOF file and executable.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: NetDecision 4.2 TFTP Server
No auth needed
Prerequisites: Network access to the TFTP server · TFTP server running on port 69
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC
by Rob Kraus, juan vazquez · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/tftp/netdecision_tftp.rb

This Metasploit module exploits a directory traversal vulnerability in NetDecision 4.2 TFTP service to read arbitrary files from the target system. It sends a crafted TFTP request with traversal sequences to retrieve files like 'windows\win.ini'.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: NetDecision 4.2 TFTP service
No auth needed
Prerequisites: Network access to the TFTP service (UDP port 69)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by Rob Kraus, juan vazquez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/tftp/netdecision_tftp_traversal.rb

This Metasploit module exploits a directory traversal vulnerability in NetDecision 4.2 TFTP server, allowing arbitrary file uploads to the filesystem, leading to remote code execution. It uploads a malicious executable and a MOF file to trigger execution via WMI.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: NetDecision 4.2 TFTP Server
No auth needed
Prerequisites: Network access to the TFTP server · TFTP server running on port 69
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35131
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/50574
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/35002

Scores

EPSS 0.5451
EPSS Percentile 98.9%

Details

CWE
CWE-22
Status published
Products (1)
netmechanica/netdecision_tftp_server 4.2
Published May 20, 2009
Tracked Since Feb 18, 2026