CVE-2012-5344

IpTools 0.1.4 - Unauthenticated Path Traversal via HTTP Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5344. PoCs published by demonalex.

AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in IpTools Tiny TCP/IP servers. It provides example URLs to exploit the issue but does not include executable code.

Description

Directory traversal vulnerability in the WebServer (Thttpd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a HTTP request.

Exploits (1)

exploitdb WRITEUP VERIFIED

by demonalex · textremotewindows

https://www.exploit-db.com/exploits/36513

View Code ZIP pw:eip

This is a writeup describing a directory traversal vulnerability in IpTools Tiny TCP/IP servers. It provides example URLs to exploit the issue but does not include executable code.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: IpTools Tiny TCP/IP servers 0.1.4

No auth needed

Prerequisites: Network access to the vulnerable web server

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2012-01/0045.html

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/51311

Scores

EPSS 0.0715

EPSS Percentile 93.5%

Details

CWE

CWE-22

Status published

Products (1)

kepler_lam/iptools 0.1.4

Published Oct 09, 2012

Tracked Since Feb 18, 2026