CVE-2012-1196
Landesk Lenovo Thinkmanagement Console - Path Traversal
Title source: ruleDescription
Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. (dot dot) in the filename parameter in a SetTaskLogByFile SOAP request.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/18714
exploitdb
WORKING POC
VERIFIED
by rgod · textremotewindows
https://www.exploit-db.com/exploits/18623
References (5)
Scores
EPSS
0.7739
EPSS Percentile
99.0%
Details
CWE
CWE-22
Status
published
Products (1)
landesk/lenovo_thinkmanagement_console
9.0.3
Published
Feb 18, 2012
Tracked Since
Feb 18, 2026