← back
CVE-2013-2068

CVE-2013-2068

50Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 59%
from disclosure to weapon87 days
Published on NVDSep 28
1st PoC+87d
metasploitSep 4
exploitation probability
59%top 1% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.