CVE-2017-15276

HIGH

OpenText Documentum Content Server < 7.3 - Authenticated Path Traversal via TAR Archive Symlinks

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-15276. PoCs published by Andrey B. Panfilov.

AI-analyzed exploit summary This exploit leverages a path traversal vulnerability via symlinks in TAR archives to escalate privileges in Opentext Documentum Content Server. It uploads a malicious TAR archive to overwrite sensitive files, leading to privilege escalation.

Description

OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpacking TAR archives, Content Server fails to verify the contents of an archive, which causes a path traversal vulnerability via symlinks. Because some files on the Content Server filesystem are security-sensitive, this leads to privilege escalation.

Exploits (1)

exploitdb WORKING POC

by Andrey B. Panfilov · pythonwebappsmultiple

https://www.exploit-db.com/exploits/43002

View Code ZIP pw:eip

This exploit leverages a path traversal vulnerability via symlinks in TAR archives to escalate privileges in Opentext Documentum Content Server. It uploads a malicious TAR archive to overwrite sensitive files, leading to privilege escalation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Opentext Documentum Content Server (formerly EMC Documentum Content Server) 7.2.0270.0377

Auth required

Prerequisites: Authenticated user credentials · Access to upload TAR archives

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/101639

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/43002/

Mailing List, Third Party Advisory, VDB Entry x_refsource_misc

http://seclists.org/bugtraq/2017/Oct/19

Scores

CVSS v3 8.8

EPSS 0.0949

EPSS Percentile 94.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-22

Status published

Products (1)

opentext/documentum_content_server < 7.3

Published Oct 13, 2017

Tracked Since Feb 18, 2026