CVE-2013-2068
50Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 59%
from disclosure to weapon87 days
Published on NVDSep 28
1st PoC+87d
metasploitSep 4
exploitation probability
59%top 1% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/30469unverifiedexploitdbwww.exploit-db.com/exploits/30469unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.