CVE-2012-1195

Landesk Lenovo Thinkmanagement Console - Access Control

Title source: rule

Description

Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request, then accessing the file via a direct request to the file in the web root.

Exploits (3)

exploitdb WORKING POC VERIFIED

by rgod · textremotewindows

https://www.exploit-db.com/exploits/18622

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Andrea Micalizzi, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/landesk_thinkmanagement_upload_asp.rb

View Code ZIP pw:eip

exploitdb WORKING POC

rubyremotewindows

https://www.exploit-db.com/exploits/18714

View on exploitdb

References (5)

[Vendor Advisory] http://secunia.com/advisories/47666

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/73207

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/52023

[Third Party Advisory, VDB Entry] http://osvdb.org/79276

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1026693

Scores

EPSS 0.8654

EPSS Percentile 99.4%

Classification

CWE

CWE-264

Status draft

Affected Products (1)

landesk/lenovo_thinkmanagement_console

Timeline

Published Feb 18, 2012

Tracked Since Feb 18, 2026