CVE-2019-11013

MEDIUM NUCLEI

Softvelum Nimble Streamer < 3.5.4-9 - Path Traversal

Title source: rule

Description

Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of the restricted directory on the remote server.

Exploits (1)

exploitdb WORKING POC

by MaYaSeVeN · textwebappsmultiple

https://www.exploit-db.com/exploits/47301

View Code ZIP pw:eip

Nuclei Templates (1)

Nimble Streamer <=3.5.4-9 - Local File Inclusion

MEDIUMby 0x_Akoko

References (2)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/154196/Nimble-Streamer-3.x-Directory-Traversal.html

[Exploit, Third Party Advisory] https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/

Scores

CVSS v3 6.5

EPSS 0.8735

EPSS Percentile 99.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

softvelum/nimble_streamer 3.0.2-2 - 3.5.4-9

Published Aug 22, 2019

Tracked Since Feb 18, 2026