CVE-2018-25421

MEDIUM

Open STA Manager 2.3 Arbitrary File Download via Path Traversal

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-25421. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary The exploit demonstrates an arbitrary file download vulnerability in Open STA Manager 2.3 via a path traversal attack in the 'file' parameter of the backup module. The PoC includes a valid HTTP request and response showing successful retrieval of 'win.ini'.

Description

Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules/backup/actions.php with op=getfile and traverse directories using ../ sequences to access sensitive system files.

Exploits (1)

exploitdb WORKING POC

by Ihsan Sencan · textwebappsphp

https://www.exploit-db.com/exploits/45693

View Code ZIP pw:eip

The exploit demonstrates an arbitrary file download vulnerability in Open STA Manager 2.3 via a path traversal attack in the 'file' parameter of the backup module. The PoC includes a valid HTTP request and response showing successful retrieval of 'win.ini'.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Open STA Manager 2.3

Auth required

Prerequisites: valid session cookie (PHPSESSID) · access to the backup module

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed May 30, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit exploit

ExploitDB-45693

https://www.exploit-db.com/exploits/45693

Product product

Official Product Homepage

http://www.openstamanager.com/

Product product

Product Reference

https://sourceforge.net/projects/openstamanager/files/latest/download

Third Party Advisory third-party-advisory

VulnCheck Advisory: Open STA Manager 2.3 Arbitrary File Download via Path Traversal

https://www.vulncheck.com/advisories/open-sta-manager-arbitrary-file-download-via-path-traversal

Scores

CVSS v3 6.5

EPSS 0.0033

EPSS Percentile 25.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (1)

Openstamanager/Open STA Manager 2.3

Published May 30, 2026

Tracked Since May 30, 2026