CVE-2012-5931

NetIQ Privileged User Manager 2.3.x - Authenticated Path Traversal and Arbitrary File Write via Log Pathname

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5931. PoCs published by rgod.

AI-analyzed exploit summary This exploit targets a pre-authentication vulnerability in Novell NetIQ Privileged User Manager 2.3.1, allowing remote code execution by modifying the admin password via the `pa_modify_accounts()` function in `auth.dll`. It then leverages a post-auth flaw in `regclnt.dll` to write arbitrary files, achieving SYSTEM-level command execution.

Description

Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname.

Exploits (1)

exploitdb WORKING POC VERIFIED
by rgod · textremotewindows
https://www.exploit-db.com/exploits/22737

This exploit targets a pre-authentication vulnerability in Novell NetIQ Privileged User Manager 2.3.1, allowing remote code execution by modifying the admin password via the `pa_modify_accounts()` function in `auth.dll`. It then leverages a post-auth flaw in `regclnt.dll` to write arbitrary files, achieving SYSTEM-level command execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Novell NetIQ Privileged User Manager 2.3.1
No auth needed
Prerequisites: Network access to TCP port 443 on the target · PHP with cURL extension
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Various Sources x_refsource_confirm
http://download.novell.com/Download?buildid=K6-PmbPjduA~
Vendor Advisory x_refsource_confirm
https://www.netiq.com/support/kb/doc.php?id=7011385

Scores

EPSS 0.0728
EPSS Percentile 93.6%

Details

CWE
CWE-22
Status published
Products (2)
microfocus/privileged_user_manager 2.3.0
microfocus/privileged_user_manager 2.3.1
Published Dec 24, 2012
Tracked Since Feb 18, 2026