CVE-2012-4959

Novell File Reporter <1.0.2 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2012-4959. PoCs published by Abysssec, Metasploit, juan vazquez, including Metasploit module exploits/windows/novell/file_reporter_fsfui_upload.

AI-analyzed exploit summary This exploit targets a remote code execution vulnerability in Novell File Reporter Agent via XML parsing. It crafts a malicious MOF file to execute arbitrary commands on the target system and retrieves the output.

Description

Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of an FSFUI record.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Abysssec · pythonremotewindows
https://www.exploit-db.com/exploits/23323

This exploit targets a remote code execution vulnerability in Novell File Reporter Agent via XML parsing. It crafts a malicious MOF file to execute arbitrary commands on the target system and retrieves the output.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Novell File Reporter Agent
No auth needed
Prerequisites: Network access to the target system on port 3037 · Target system must be running Novell File Reporter Agent
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/22787

This Metasploit module exploits a directory traversal vulnerability in Novell File Reporter (NFR) Agent to upload arbitrary files via FSFUI records with UICMD 130, leading to remote code execution (RCE). It uploads a VBS payload and a MOF file to execute the payload on the target system.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Novell File Reporter (NFR) Agent 1.0.4.3 (File Reporter 1.0.2) and NFR Agent 1.0.3.22 (File Reporter 1.0.1)
No auth needed
Prerequisites: Network access to the target system on port 3037 · Target system running vulnerable NFR Agent
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by juan vazquez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/novell/file_reporter_fsfui_upload.rb

This Metasploit module exploits a directory traversal vulnerability in Novell File Reporter (NFR) Agent to upload arbitrary files via FSFUI records with UICMD 130. It achieves remote code execution by uploading a VBS payload and a MOF file to execute it.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Novell File Reporter (NFR) Agent 1.0.4.3 (File Reporter 1.0.2) and NFR Agent 1.0.3.22 (File Reporter 1.0.1)
No auth needed
Prerequisites: Network access to the target on port 3037 · SSL enabled on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/273371

Scores

EPSS 0.7119
EPSS Percentile 99.3%

Details

CWE
CWE-22
Status published
Products (1)
novell/file_reporter 1.0.2
Published Nov 18, 2012
Tracked Since Feb 18, 2026