Exploitation Summary
EIP tracks 1 public exploit for CVE-2019-7751. PoCs published by 0v3rride.
AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in MarcomCentral FusionPro VDP Creator < 10.0, allowing remote attackers to read sensitive files by sending a crafted HTTP request to the FPProducerInternetServer.exe service. The PoC uses the `requests` library to fetch arbitrary files from the target system.
Description
A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. Furthermore, this could allow for privilege escalation by dumping the local machine's SAM and SYSTEM database files, and possibly remote code execution.
Exploits (1)
This exploit demonstrates a directory traversal vulnerability in MarcomCentral FusionPro VDP Creator < 10.0, allowing remote attackers to read sensitive files by sending a crafted HTTP request to the FPProducerInternetServer.exe service. The PoC uses the `requests` library to fetch arbitrary files from the target system.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N