CVE-2010-5324

Novell ZENworks Configuration Management (ZCM) <10.3 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-5324. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/http/zenworks_uploadservlet.

AI-analyzed exploit summary This Metasploit module exploits a directory traversal vulnerability in Novell ZENworks Configuration Management 10.2.0 via the UploadServlet to upload a malicious WAR file outside the intended directory, leading to remote code execution.

Description

Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a zenworks-fileupload request with a crafted directory name in the type parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotemultiple

https://www.exploit-db.com/exploits/16784

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal vulnerability in Novell ZENworks Configuration Management 10.2.0 via the UploadServlet to upload a malicious WAR file outside the intended directory, leading to remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Novell ZENworks Configuration Management 10.2.0

No auth needed

Prerequisites: Network access to the target server · UploadServlet endpoint accessible

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by MC · rubypocjava

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/zenworks_uploadservlet.rb

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal vulnerability in Novell ZENworks Configuration Management 10.2.0 to upload a malicious WAR file outside the intended directory, leading to arbitrary code execution via a JSP payload.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Novell ZENworks Configuration Management 10.2.0

No auth needed

Prerequisites: Network access to the target server · UploadServlet endpoint accessible

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Patch, Vendor Advisory x_refsource_confirm

https://www.novell.com/support/kb/doc.php?id=7005573

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-10-078/

Exploit x_refsource_misc

http://tucanalamigo.blogspot.com/2010/04/pdc-de-zdi-10-078.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/39114

Issue Tracking x_refsource_confirm

https://bugzilla.novell.com/show_bug.cgi?id=578911

Scores

EPSS 0.7201

EPSS Percentile 99.4%

Details

CWE

CWE-22

Status published

Products (3)

novell/zenworks_configuration_management 10.0

novell/zenworks_configuration_management 10.1

novell/zenworks_configuration_management 10.2

Published Jun 07, 2015

Tracked Since Feb 18, 2026