CVE-2014-100015
50Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 57%
from disclosure to weapon0 days
Published on NVDJan 13
1st PoCFeb 22
metasploitFeb 22
exploitation probability
57%top 1% of all CVEs
observed exploitation
nono source reports it
5 public exploit(s)
Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. (dot dot) in the filename in a file upload.
Affected products
n/a · n/apublic PoCs found — 5
exploitdbwww.exploit-db.com/exploits/32163unverifiedexploitdbwww.exploit-db.com/exploits/31831unverifiedcve_referencepacketstormsecurity.com/files/125361unverifiedcve_referencewww.exploit-db.com/exploits/31831unverifiedcve_referencewww.exploit-db.com/exploits/32163unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.