CVE-2011-2474

EXPLOITED

Sybase EAServer 6.3.1 Developer Edition - Path Traversal via HTTP Server


Exploitation Summary

CVE-2011-2474 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Sow Ching Shiong and sinn3r, a Metasploit module (auxiliary/scanner/http/sybase_easerver_traversal).

AI-analyzed exploit summary: This Metasploit module exploits a directory traversal vulnerability in the Jetty web server of Sybase EAServer 6.3, allowing unauthorized file downloads via crafted HTTP requests. It does not include RCE but can leak sensitive files if the server permits.

Description

Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.

Exploits (1)

metasploit (working PoC)
by Sow Ching Shiong, sinn3r · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/sybase_easerver_traversal.rb


Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Sybase EAServer 6.3
No auth needed
Prerequisites: Network access to port 8000 · Knowledge of target file paths
devstral-2 · analyzed Feb 16, 2026

References (1)

Core References
Third Party Advisory (x_refsource_idefense)
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=912

Scores

EPSS: 0.1212
EPSS Percentile: 94.0%

Details

VulnCheck KEV: 2022-01-12
CWE: CWE-22
Status: published
Products (1): sybase/easerver 6.3.1
Published: Jun 09, 2011
Tracked Since: Feb 18, 2026