CVE-2011-3305

Cisco NAC Manager 4.8.x - Path Traversal via TCP Port 443

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-3305. Includes Metasploit module auxiliary/scanner/http/cisco_nac_manager_traversal.

AI-analyzed exploit summary This Metasploit module exploits a directory traversal vulnerability in Cisco Network Access Manager 4.8.x by sending crafted HTTP GET requests to traverse directories and retrieve arbitrary files. It iteratively tests different traversal depths to bypass restrictions and fetch the specified file.

Description

Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755.

Exploits (1)

metasploit WORKING POC

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/cisco_nac_manager_traversal.rb

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal vulnerability in Cisco Network Access Manager 4.8.x by sending crafted HTTP GET requests to traverse directories and retrieve arbitrary files. It iteratively tests different traversal depths to bypass restrictions and fetch the specified file.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Cisco Network Access Manager 4.8.x

No auth needed

Prerequisites: Network access to the target · SSL enabled on the target

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

http://www.cisco.com/warp/public/707/cisco-sa-20111005-nac.shtml

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1026142

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/46309

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/49954

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/76080

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/70335

Scores

EPSS 0.2159

EPSS Percentile 97.3%

Details

CWE

CWE-22

Status published

Products (3)

cisco/nac_manager 4.8

cisco/nac_manager 4.8\(1\)

cisco/nac_manager 4.8\(2\)

Published Oct 06, 2011

Tracked Since Feb 18, 2026