CVE-2015-2862

Kaseya Virtual System Administrator < 7.0.0.29 - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote authenticated users to read arbitrary files via a crafted HTTP request.

Exploits (1)

exploitdb WRITEUP

webappswindows

https://www.exploit-db.com/exploits/37621

View Code ZIP pw:eip

References (1)

[Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/919604

Scores

EPSS 0.0283

EPSS Percentile 86.2%

Details

CWE

CWE-22

Status published

Products (1)

kaseya/virtual_system_administrator 7.0 - 7.0.0.29

Published Jul 20, 2015

Tracked Since Feb 18, 2026