CVE-2012-1047

Cyberoam Central Console <2.00.2 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-1047. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary This exploit demonstrates a file include vulnerability in Cyberoam Central Console v2.00.2, allowing remote attackers to access local files such as TelnetConsole.jsp via crafted requests to the WWWHELP service.

Description

Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter in an Online_help action.

Exploits (1)

exploitdb WORKING POC

by Vulnerability-Lab · textwebappsmultiple

https://www.exploit-db.com/exploits/18473

View Code ZIP pw:eip

This exploit demonstrates a file include vulnerability in Cyberoam Central Console v2.00.2, allowing remote attackers to access local files such as TelnetConsole.jsp via crafted requests to the WWWHELP service.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Cyberoam Central Console v2.00.2

No auth needed

Prerequisites: Network access to the target Cyberoam Central Console

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Various Sources x_refsource_misc

http://www.vulnerability-lab.com/get_content.php?id=405

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/51901

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/18473

Exploit mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2012-02/0036.html

Scores

EPSS 0.0274

EPSS Percentile 84.2%

Details

CWE

CWE-22

Status published

Products (1)

cyberoam/cyberoam_central_console 2.00.2

Published Feb 12, 2012

Tracked Since Feb 18, 2026