CVE-2011-2653

Novell ZENworks Asset Management 7.5 - Remote Code Execution via rtrlet Directory Traversal

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-2653. PoCs published by Metasploit, Unknown, juan vazquez, including Metasploit module exploits/windows/http/zenworks_assetmgmt_uploadservlet.

AI-analyzed exploit summary This Metasploit module exploits a path traversal vulnerability in Novell ZENworks Asset Management 7.5. It uploads a malicious WAR file outside the intended directory via the CatchFileServlet and triggers arbitrary code execution by accessing the uploaded JSP payload.

Description

Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotejava

https://www.exploit-db.com/exploits/20502

View Code ZIP pw:eip

This Metasploit module exploits a path traversal vulnerability in Novell ZENworks Asset Management 7.5. It uploads a malicious WAR file outside the intended directory via the CatchFileServlet and triggers arbitrary code execution by accessing the uploaded JSP payload.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Novell ZENworks Asset Management 7.5

No auth needed

Prerequisites: Network access to the target server · Tomcat running on port 8080

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by Unknown, juan vazquez · rubypocjava

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/zenworks_assetmgmt_uploadservlet.rb

View Code ZIP pw:eip

This Metasploit module exploits a path traversal vulnerability in Novell ZENworks Asset Management 7.5 via the CatchFileServlet to upload a malicious WAR file outside the intended directory, leading to arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Novell ZENworks Asset Management 7.5

No auth needed

Prerequisites: Network access to the target server · Tomcat web server running on port 8080

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources x_refsource_confirm

http://download.novell.com/Download?buildid=hPvHtXeNmCU~

Third Party Advisory x_refsource_misc

http://zerodayinitiative.com/advisories/ZDI-11-342/

Scores

EPSS 0.7393

EPSS Percentile 99.4%

Details

CWE

CWE-22

Status published

Products (1)

novell/zenworks_asset_management 7.5

Published Dec 08, 2011

Tracked Since Feb 18, 2026