CVE-2019-10267

HIGH

Ahsay Cloud Backup Suite 7.7.0.0-8.1.0.50 - Unauthenticated Arbitrary File Upload RCE

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2019-10267. PoCs were published by Wietse Boonstra, including the Metasploit module exploits/windows/misc/ahsay_backup_fileupload.

AI-analyzed exploit summary: This exploit targets an insecure file upload vulnerability in Ahsay Backup software, allowing authenticated users to upload a JSP reverse shell for remote code execution. It leverages directory traversal to place the shell in a web-accessible directory and triggers it via HTTP request.

Description

An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into any directory of the server. One can insert a JSP shell into the web server's directory and execute it. This leads to full access to the system, as the configured user (e.g., Administrator).

Exploits (3)

exploitdb WORKING POC VERIFIED
by Wietse Boonstra · python · webapps · jsp
https://www.exploit-db.com/exploits/47179

This exploit targets an insecure file upload vulnerability in Ahsay Backup software, allowing authenticated users to upload a JSP reverse shell for remote code execution. It leverages directory traversal to place the shell in a web-accessible directory and triggers it via HTTP request.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Ahsay Backup < 8.1.1.50
Auth required
Prerequisites: Valid credentials for the Ahsay Backup application · Network access to the target system · Java-based web server environment
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by Wietse Boonstra · ruby · webapps · jsp
https://www.exploit-db.com/exploits/47180

This Metasploit module exploits an authenticated insecure file upload vulnerability in Ahsay Backup (CVE-2019-10267) to achieve remote code execution, typically as SYSTEM. It supports account creation via trial functionality and targets both Windows and Linux environments.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Ahsay Backup v7.x - v8.1.1.50
Auth required
Prerequisites: Valid credentials or trial account creation enabled · Network access to the target server
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC EXCELLENT
by Wietse Boonstra · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/ahsay_backup_fileupload.rb

This Metasploit module exploits an authenticated file upload vulnerability in Ahsay Backup (CVE-2019-10267) to achieve remote code execution. It supports account creation via trial functionality and uploads a malicious payload to a writable directory.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Ahsay Backup v7.x - v8.1.1.50
Auth required
Prerequisites: Valid credentials or trial account creation · Network access to the target
devstral-2 · analyzed Feb 19, 2026

References (3)

Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.wbsec.nl/ahsay/

Scores

CVSS v3: 8.8
EPSS: 0.6402
EPSS Percentile: 98.5%
Attack Vector: NETWORK
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-434
Status: published
Products (1): ahsay/cloud_backup_suite 7.7.0.0 - 8.1.1.50
Published: Jul 26, 2019
Tracked Since: Feb 18, 2026