EIP-2026-119340

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119340. PoCs published by Richard Brain.

AI-analyzed exploit summary This is a technical writeup detailing an unauthenticated directory traversal vulnerability in 3Com iMC (Intelligent Management Center) versions 3.3.9 and 3.3 SP1 R2 606. The vulnerability allows arbitrary file retrieval from the server's filesystem via crafted HTTP requests to the `/imc/report/DownloadReportSource` endpoint.

Description

3Com* iMC (Intelligent Management Center) - Traversal File Retrieval

Exploits (1)

exploitdb WRITEUP VERIFIED

by Richard Brain · textwebappswindows

https://www.exploit-db.com/exploits/12679

View Code ZIP pw:eip

This is a technical writeup detailing an unauthenticated directory traversal vulnerability in 3Com iMC (Intelligent Management Center) versions 3.3.9 and 3.3 SP1 R2 606. The vulnerability allows arbitrary file retrieval from the server's filesystem via crafted HTTP requests to the `/imc/report/DownloadReportSource` endpoint.

Classification

Writeup 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: 3Com iMC (Intelligent Management Center) versions 3.3.9 and 3.3 SP1 R2 606

No auth needed

Prerequisites: Network access to the target server on port 8080 · Knowledge of the target filesystem structure

MITRE ATT&CK

T1006 - Direct Volume Access T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 18, 2026 Full analysis →

3Com* iMC (Intelligent Management Center) - Traversal File Retrieval

Exploitation Summary

Description

Exploits (1)

Details