CVE-2010-3863

Apache Shiro < 1.0.0 - Path Traversal

Title source: rule

Description

Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the shiro.ini file, which allows remote attackers to bypass intended access restrictions via a crafted request, as demonstrated by the /./account/index.jsp URI.

Exploits (2)

exploitdb (working PoC, verified)
by Luke Taylor · text · remote · multiple
https://www.exploit-db.com/exploits/34952
nomisec (scanner)
by sh1inroot-alt · poc
https://github.com/sh1inroot-alt/shiro-cve-2010-3863

Scores

EPSS 0.1097
EPSS Percentile 93.5%

Details

CWE
CWE-22
Status published
Products (3)
apache/shiro < 1.0.0
jsecurity/jsecurity 0.9.0
org.apache.shiro/shiro-root 0 - 1.1.0 (Maven)
Published Nov 05, 2010
Tracked Since Feb 18, 2026