CVE-2016-5537
MEDIUM
Oracle NetBeans 8.1 - Directory Traversal and Arbitrary File Write via ZIP Project Import
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2016-5537. PoCs published by hyp3rlinx.
AI-analyzed exploit summary: This exploit demonstrates a directory traversal vulnerability in Oracle NetBeans IDE v8.1 by creating a malicious ZIP archive. The archive contains a PHP file with a command execution payload, which can be placed outside the intended directory during project import, potentially leading to remote code execution if the target system has a web server.
Description
Unspecified vulnerability in the NetBeans component in Oracle Fusion Middleware 8.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the October 2016 CPU. Oracle has not commented on third-party claims that this issue is a directory traversal vulnerability which allows local users with certain permissions to write to arbitrary files and consequently gain privileges via a .. (dot dot) in an archive entry in a ZIP file imported as a project.
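A pre-import check for the archive-entry traversal described above, as an added example that is not from Oracle, the CVE record or the published PoC: it lists entries whose resolved path would leave the extraction directory. The function names, the destination path and the sample archive are assumptions constructed for illustration, and the check also covers absolute and drive-letter entry names, which goes beyond the `..` case the description names.

```python
import io
import posixpath
import zipfile

# Hypothetical import directory, used only to resolve entry names against.
DEST_ROOT = "/home/dev/NetBeansProjects/imported"


def unsafe_entries(zip_bytes, dest_root=DEST_ROOT):
    """Return the entry names that would be written outside dest_root."""
    root = posixpath.normpath(dest_root)
    flagged = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # Some extractors treat "\" as a separator, so normalise it first.
            name = info.filename.replace("\\", "/")
            # join() discards root when name is absolute; normpath() resolves
            # every ".." segment, so the result is where the file would land.
            target = posixpath.normpath(posixpath.join(root, name))
            drive_letter = len(name) > 1 and name[1] == ":"
            inside = target == root or target.startswith(root + "/")
            if drive_letter or not inside:
                flagged.append(info.filename)
    return flagged


def build_sample():
    """Constructed sample archive; every entry holds harmless text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("project/nbproject/project.xml", "<project/>")
        zf.writestr("project/src/../index.txt", "resolves inside the root")
        zf.writestr("../../outside.txt", "dot dot leaves the root")
        zf.writestr("/tmp/absolute.txt", "absolute path ignores the root")
    return buf.getvalue()


if __name__ == "__main__":
    for entry in unsafe_entries(build_sample()):
        print("refuse to import, entry escapes project dir:", entry)
```

An archive with any flagged entry should be rejected whole before it is imported, rather than extracted with the offending entries skipped.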
References (7)
Scores
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L