Exploitation Summary
EIP tracks 1 public exploit for CVE-2016-4264. PoCs published by Dawid Golunski.
AI-analyzed exploit summary: This exploit demonstrates an XXE (XML External Entity) injection vulnerability in Adobe ColdFusion <= 11, allowing arbitrary file reading and directory listing via a crafted OOXML document. It includes a Python script to generate a malicious spreadsheet and set up listeners to exfiltrate data.
Description
The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update 10 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via a crafted OOXML spreadsheet containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Exploits (1)
References (6)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N