CVE-2016-4004

MEDIUM

Dell OMSA 8.2 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file parameter to ViewFile.

Exploits (2)

nomisec WORKING POC 2 stars
by und3sc0n0c1d0 · poc
https://github.com/und3sc0n0c1d0/AFR-in-OMSA
exploitdb WORKING POC VERIFIED
by hantwister · textwebappswindows
https://www.exploit-db.com/exploits/39486

References (2)

Scores

CVSS v3 4.9
EPSS 0.1217
EPSS Percentile 93.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-22
Status draft

Affected Products (1)

dell/openmanage_server_administrator

Timeline

Published Apr 12, 2016
Tracked Since Feb 18, 2026