CVE-2019-25582

MEDIUM

i-doit CMDB 1.12 Arbitrary File Download via file_manager Parameter

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25582. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary

This exploit demonstrates an arbitrary file download vulnerability in i-doit CMDB 1.12 by manipulating the 'file' parameter in the 'file_manager' endpoint to retrieve sensitive files like 'src/config.inc.php'. The PoC includes a raw HTTP request showing the attack vector.

Description

i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with file_manager=image and supply arbitrary file paths like src/config.inc.php to retrieve configuration files and sensitive system data.

Exploits (1)

exploitdb · WORKING POC
by Ihsan Sencan · text · webapps · php
https://www.exploit-db.com/exploits/46133

Classification
Working PoC (95%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: i-doit CMDB 1.12
Auth required: yes
Prerequisites: valid session cookie (PHPSESSID) · knowledge of the target path
Analyzed by devstral-2 on Mar 21, 2026

References (4)

Core References (4)
Exploit: ExploitDB-46133
https://www.exploit-db.com/exploits/46133
Product: Official Product Homepage
https://www.i-doit.org/
Third Party Advisory: VulnCheck Advisory: i-doit CMDB 1.12 Arbitrary File Download via file_manager Parameter
https://www.vulncheck.com/advisories/i-doit-cmdb-arbitrary-file-download-via-file-manager-parameter

Scores

CVSS v3: 6.5
EPSS: 0.0037
EPSS Percentile: 28.4%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: partial

Details

CWE: CWE-434
Status: published
Products (2)
I-Doit/doit CMDB 1.12
i-doit/i-doit 1.12
Published: Mar 21, 2026
Tracked Since: Mar 21, 2026