Exploitation Summary
EIP tracks 1 public exploit for CVE-2012-4991. PoCs published by Sebastian Perez.
AI-analyzed exploit summary This is a writeup describing a path traversal vulnerability in Axway SecureTransport versions 5.1 SP2 and earlier. The vulnerability allows remote attackers to access, read, download, delete, and upload arbitrary files using encoded backslash characters (%5c) in the path.
Description
Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a ..%5C (encoded dot dot backslash) in a URI.
Exploits (1)
This is a writeup describing a path traversal vulnerability in Axway SecureTransport versions 5.1 SP2 and earlier. The vulnerability allows remote attackers to access, read, download, delete, and upload arbitrary files using encoded backslash characters (%5c) in the path.