CVE-2014-3806

VMTurbo Operations Manager < 4.6 - Unauthenticated Directory Traversal via xml_path Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3806. PoCs published by Jamal Pecou.

AI-analyzed exploit summary The advisory describes a directory traversal vulnerability in VM Turbo Operations Manager's '/cgi-bin/help/doIt.cgi' endpoint, allowing unauthorized file access via the 'xml_path' parameter. The example demonstrates reading '/etc/passwd' without authentication.

Description

Directory traversal vulnerability in cgi-bin/help/doIt.cgi in VMTurbo Operations Manager before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the xml_path parameter.

Exploits (1)

exploitdb WRITEUP
by Jamal Pecou · textwebappscgi
https://www.exploit-db.com/exploits/33334

The advisory describes a directory traversal vulnerability in VM Turbo Operations Manager's '/cgi-bin/help/doIt.cgi' endpoint, allowing unauthorized file access via the 'xml_path' parameter. The example demonstrates reading '/etc/passwd' without authentication.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: VM Turbo Operations Manager 4.5.x and earlier
No auth needed
Prerequisites: Network access to the vulnerable endpoint
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/106776
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/532061/100/0/threaded
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/33334
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/67292

Scores

EPSS 0.0765
EPSS Percentile 93.8%

Details

CWE
CWE-22
Status published
Products (2)
vmturbo/operations_manager 4.0
vmturbo/operations_manager < 4.5
Published May 21, 2014
Tracked Since Feb 18, 2026