Exploitation Summary
EIP tracks 1 public exploit for CVE-2018-25365. PoCs published by Berk Dusunur.
AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in PCViewer vt1000, allowing an attacker to read arbitrary files (e.g., /etc/passwd) via a crafted HTTP GET request. The PoC includes a sample request and response showing successful file retrieval.
Description
PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use path traversal sequences ../../../../../../../../../../../../etc/passwd to access sensitive system files outside the intended directory.
Exploits (1)
This exploit demonstrates a directory traversal vulnerability in PCViewer vt1000, allowing an attacker to read arbitrary files (e.g., /etc/passwd) via a crafted HTTP GET request. The PoC includes a sample request and response showing successful file retrieval.
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N