CVE-2018-12524

MEDIUM

perfSONAR MaDDash <2.0.2 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-12524. PoCs published by ManhNho.

AI-analyzed exploit summary This is a writeup describing a directory listing vulnerability in MaDDash 2.0.2, which exposes sensitive files in specific directories. No exploit code is provided, only URLs and descriptions of the affected paths.

Description

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /lib/ provides a directory listing.

Exploits (1)

exploitdb WRITEUP

by ManhNho · textwebappsjava

https://www.exploit-db.com/exploits/44910

View Code ZIP pw:eip

This is a writeup describing a directory listing vulnerability in MaDDash 2.0.2, which exposes sensitive files in specific directories. No exploit code is provided, only URLs and descriptions of the affected paths.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: MaDDash 2.0.2

No auth needed

Prerequisites: Network access to the target web server

MITRE ATT&CK

T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_misc

https://pastebin.com/eA5tGKf0

Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/44910/

Scores

CVSS v3 5.3

EPSS 0.0722

EPSS Percentile 93.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-200

Status published

Products (1)

perfsonar/monitoring_and_debugging_dashboard 2.0.2

Published Jun 18, 2018

Tracked Since Feb 18, 2026