CVE-2013-2068

Red Hat CloudForms Management Engine 2.0 - Path Traversal and Arbitrary File Write

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-2068. PoCs published by Metasploit, including Metasploit module exploits/linux/http/cfme_manageiq_evm_upload_exec.

AI-analyzed exploit summary This Metasploit module exploits a path traversal vulnerability (CVE-2013-2068) in Red Hat CloudForms Management Engine 5.1 by uploading a malicious Ruby controller file to the application's controllers directory. The payload is executed by sending a request to the uploaded controller's action.

Description

Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotelinux
https://www.exploit-db.com/exploits/30469

This Metasploit module exploits a path traversal vulnerability (CVE-2013-2068) in Red Hat CloudForms Management Engine 5.1 by uploading a malicious Ruby controller file to the application's controllers directory. The payload is executed by sending a request to the uploaded controller's action.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier)
No auth needed
Prerequisites: Network access to the target application · SSL enabled on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
rubypocruby
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/cfme_manageiq_evm_upload_exec.rb

This Metasploit module exploits a path traversal vulnerability (CVE-2013-2068) in Red Hat CloudForms Management Engine 5.1 to upload a malicious Ruby controller and execute arbitrary code. It leverages the 'linuxpkgs' action in the 'agent' controller to achieve remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Red Hat CloudForms Management Engine 5.1 (ManageIQ Enterprise Virtualization Manager 5.0 and earlier)
No auth needed
Prerequisites: Network access to the target application · Target application must be running a vulnerable version
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1206.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=960422
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/30469

Scores

EPSS 0.5862
EPSS Percentile 99.0%

Details

CWE
CWE-22
Status published
Products (1)
redhat/cloudforms_management_engine 5.1
Published Sep 28, 2013
Tracked Since Feb 18, 2026