CVE-2010-0620

EMC HomeBase Server 6.2.x < 6.2.3 and 6.3.x < 6.3.2 - Path Traversal and Arbitrary File Write

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-0620. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits a directory traversal vulnerability in EMC HomeBase Server 6.3.0 to achieve remote code execution by uploading a malicious executable and a MOF file to trigger its execution.

Description

Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/17219

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal vulnerability in EMC HomeBase Server 6.3.0 to achieve remote code execution by uploading a malicious executable and a MOF file to trigger its execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: EMC HomeBase Server 6.3.0

No auth needed

Prerequisites: Network access to the target system on port 18821 · EMC HomeBase Server 6.3.0 running on the target

MITRE ATT&CK