CVE-2011-5127

Blue Coat Reporter 9.x < 9.2.4.13, 9.2.5.x < 9.2.5.1, 9.3 < 9.3.1.2 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-5127. PoCs published by nitr0us.

AI-analyzed exploit summary This is a detailed writeup describing an unauthenticated directory traversal vulnerability in Blue Coat Reporter versions 9.2.x and 9.1.x. It includes vulnerability discovery details, exploitation hints, and proof of concept paths but does not contain executable exploit code.

Description

Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request.

Exploits (1)

exploitdb WRITEUP

by nitr0us · textremotehardware

https://www.exploit-db.com/exploits/17883

View Code ZIP pw:eip

This is a detailed writeup describing an unauthenticated directory traversal vulnerability in Blue Coat Reporter versions 9.2.x and 9.1.x. It includes vulnerability discovery details, exploitation hints, and proof of concept paths but does not contain executable exploit code.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Blue Coat Reporter 9.2.x - 9.1.x

No auth needed

Prerequisites: network access to the target system

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://kb.bluecoat.com/index?page=content&id=SA60

Scores

EPSS 0.1316

EPSS Percentile 95.9%

Details

CWE

CWE-22

Status published

Products (4)

bluecoat/reporter 9.2.4.1

bluecoat/reporter 9.2.4.12

bluecoat/reporter 9.2.5

bluecoat/reporter 9.3.1.1

Published Aug 26, 2012

Tracked Since Feb 18, 2026