CVE-2013-6720

EXPLOITED

IBM Tealeaf CX 7.x, 8.x-8.6, 8.7-8.8 - Authenticated Path Traversal via Log Parameter

Title source: llm

Exploitation Summary

CVE-2013-6720 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including drone.

AI-analyzed exploit summary: This exploit demonstrates a remote OS command injection vulnerability in IBM Tealeaf CX (v8 release 8) by injecting commands into the 'testconn_host' parameter of the delivery.php endpoint. It leverages a POST request with crafted data to execute arbitrary commands without authentication.

Description

Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a .. (dot dot) in the log parameter, as demonstrated by a crafted request for a customer-support file such as a log file.

Exploits (1)

exploitdb · WORKING POC
by drone · python · webapps · php
https://www.exploit-db.com/exploits/32546

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: IBM Tealeaf CX Version 8 Release 8 (and likely prior versions)
No auth needed
Prerequisites: Network access to the target server · The delivery.php endpoint must be accessible
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/32546
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/89229

Scores

EPSS 0.0413
EPSS Percentile 88.9%

Details

VulnCheck KEV 2022-01-12
CWE CWE-22
Status published
Products (11)
ibm/tealeaf_cx 7.1
ibm/tealeaf_cx 7.2
ibm/tealeaf_cx 8.0
ibm/tealeaf_cx 8.1
ibm/tealeaf_cx 8.2
ibm/tealeaf_cx 8.3
ibm/tealeaf_cx 8.4
ibm/tealeaf_cx 8.5
ibm/tealeaf_cx 8.6
ibm/tealeaf_cx 8.7
... and 1 more
Published Mar 06, 2014
Tracked Since Feb 18, 2026