CVE-2020-15492

CRITICAL

INNEO Startup TOOLS 12.0.66.3784-13.0.70.3804 - Unauthenticated Path Traversal via sut_srv.exe Web Application

Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-15492. PoCs published by Patrick Hener, patrickhener.

AI-analyzed exploit summary: This Go-based exploit targets CVE-2020-15492 in INNEO Startup TOOLS 2018, leveraging directory traversal to poison log files with PHP payloads, ultimately achieving remote code execution via a PowerShell reverse shell.

Description

An issue was discovered in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe web application (served on TCP port 85) includes user input into a filesystem access without any further validation. This might allow an unauthenticated attacker to read files on the server via Directory Traversal, or possibly have unspecified other impact.

Exploits (2)

exploitdb WORKING POC
by Patrick Hener · go · webapps · multiple
https://www.exploit-db.com/exploits/48693

This Go-based exploit targets CVE-2020-15492 in INNEO Startup TOOLS 2018, leveraging directory traversal to poison log files with PHP payloads, ultimately achieving remote code execution via a PowerShell reverse shell.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: INNEO Startup TOOLS 2018 M040 13.0.70.3804
No auth needed
Prerequisites: Network access to the target server · Knowledge of the installation directory
devstral-2 · analyzed Feb 18, 2026

nomisec WORKING POC
by patrickhener · poc
https://github.com/patrickhener/CVE-2020-15492

This repository contains a Go-based exploit for CVE-2020-15492, targeting INNEO Startup TOOLS 2017/2018. The exploit leverages directory traversal and log poisoning to achieve remote code execution via a reverse shell.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: INNEO Startup TOOLS 2017/2018 (M040 13.0.70.3804)
No auth needed
Prerequisites: Network access to the vulnerable application · Knowledge of the installation directory
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3: 9.8
EPSS: 0.3774
EPSS Percentile: 97.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-22
Status: published
Products (1): inneo/startup_tools 12.0.66.3784 - 13.0.70.3804
Published: Jul 23, 2020
Tracked Since: Feb 18, 2026