CVE-2017-6527

HIGH

dnaTools dnaLIMS 4-2015s13 - Unauthenticated Path Traversal via viewAppletFsa.cgi seqID Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-6527. PoCs published by Shorebreak Security, h00die <[email protected]>, flakey_biscuit <[email protected]>, including Metasploit module auxiliary/scanner/http/dnalims_file_retrieve.

AI-analyzed exploit summary This is a vulnerability advisory detailing multiple issues in dnaLIMS, including session hijacking (CVE-2017-6529), directory traversal, and XSS. No exploit code is provided, only descriptions and technical summaries.

Description

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user (by using the viewAppletFsa.cgi seqID parameter).

Exploits (2)

exploitdb WRITEUP

by Shorebreak Security · textwebappscgi

https://www.exploit-db.com/exploits/41578

View Code ZIP pw:eip

This is a vulnerability advisory detailing multiple issues in dnaLIMS, including session hijacking (CVE-2017-6529), directory traversal, and XSS. No exploit code is provided, only descriptions and technical summaries.

Classification

Writeup 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: dnaLIMS DNA sequencing web-application

No auth needed

Prerequisites: Network access to the target system

MITRE ATT&CK

T1189 - Drive-by Compromise T1021 - Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC

by h00die <[email protected]>, flakey_biscuit <[email protected]> · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/dnalims_file_retrieve.rb

View Code ZIP pw:eip

This Metasploit module exploits a directory traversal vulnerability in dnaLIMS via the 'secID' parameter in the 'viewAppletFsa.cgi' script, allowing arbitrary file reads outside the web directory. It sends a crafted HTTP request with traversal sequences to retrieve sensitive files like password databases.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: dnaLIMS (version not specified)

No auth needed

Prerequisites: Network access to the target · Target running vulnerable dnaLIMS with exposed CGI script

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/96823

Exploit, Technical Description, Third Party Advisory x_refsource_misc

https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/41578/

Scores

CVSS v3 7.5

EPSS 0.5665

EPSS Percentile 98.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

dnatools/dnalims 4-2015s13

Published Mar 09, 2017

Tracked Since Feb 18, 2026