CVE-2014-7816

WildFly Directory Traversal

Title source: metasploit

Description

Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.Beta3, when running on Windows, allows remote attackers to read arbitrary files via a .. (dot dot) in a resource URI.

Exploits (4)

nomisec STUB
by dawetmaster · poc
https://github.com/dawetmaster/CVE-2014-7816-undertow-vulnerable

nomisec STUB
by andikahilmy · poc
https://github.com/andikahilmy/CVE-2014-7816-undertow-vulnerable

nomisec STUB
by shoucheng3 · poc
https://github.com/shoucheng3/undertow-io__undertow_CVE-2014-7816_1-0-16-Final

metasploit WORKING POC
ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wildfly_traversal.rb

Scores

EPSS 0.5515
EPSS Percentile 98.1%

Details

CWE CWE-22
Status published
Products (4)
io.undertow/undertow-core 1.0.0 - 1.0.17 (Maven)
redhat/undertow < 1.0.16
redhat/undertow < 1.1.0
redhat/undertow < 1.2.0
Published Dec 01, 2014
Tracked Since Feb 18, 2026