CVE-2014-9436

SysAid On-Premise <14.4.2 - Path Traversal


Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-9436. PoCs published by Bernhard Mueller.

AI-analyzed exploit summary: This exploit demonstrates an unauthenticated arbitrary file disclosure vulnerability in SysAid Server versions prior to 14.4.2. It allows attackers to download sensitive files, such as MSSQL database files containing user credentials and LDAP passwords, via a crafted HTTP request.

Description

Absolute path traversal vulnerability in SysAid On-Premise before 14.4.2 allows remote attackers to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile.

Exploits (1)

exploitdb WORKING POC
by Bernhard Mueller · text · webapps · windows
https://www.exploit-db.com/exploits/35593

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: SysAid On-Premise < 14.4.2
No auth needed
Prerequisites: Network access to the SysAid server · Knowledge of the target file paths
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/35593
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/99456
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Dec/99

Scores

EPSS 0.0690
EPSS Percentile 93.2%

Details

CWE: CWE-22
Status: published
Products (1): sysaid/sysaid < 14.4
Published: Jan 02, 2015
Tracked Since: Feb 18, 2026