CVE-2013-5486

DCNM-SAN Server <6.2(1) - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the chartid parameter, aka Bug IDs CSCue77035 and CSCue77036. NOTE: this can be leveraged to execute arbitrary commands by using the JBoss autodeploy functionality.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotejava

https://www.exploit-db.com/exploits/30008

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

rubypocjava

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/cisco_dcnm_upload.rb

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-dcnm

[Exploit, Third Party Advisory, VDB Entry] http://www.exploit-db.com/exploits/30008

Scores

EPSS 0.8868

EPSS Percentile 99.5%

Details

CWE

CWE-78

Status published

Products (19)

cisco/prime_data_center_network_manager 4.1\(2\)

cisco/prime_data_center_network_manager 4.1\(3\)

cisco/prime_data_center_network_manager 4.1\(4\)

cisco/prime_data_center_network_manager 4.1\(5\)

cisco/prime_data_center_network_manager 4.2\(1\)

cisco/prime_data_center_network_manager 4.2\(3\)

cisco/prime_data_center_network_manager 5.0\(2\)

cisco/prime_data_center_network_manager 5.0\(3\)

cisco/prime_data_center_network_manager 5.1\(1\)

cisco/prime_data_center_network_manager 5.1\(2\)

... and 9 more

Published Sep 23, 2013

Tracked Since Feb 18, 2026