CVE-2019-11013
CVE-2019-11013
Vexday Risk Score
43Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 24.0%KEV nãoPoC públicaNuclei simMetasploit —Patch —
Lifecycle
22 Aug 2019Published on NVD
23 Aug 2019Public PoC
Weaponization speed
same dayto first PoC
Weaponized quickly — attackers prioritized this vulnerability. Patch urgently.
Recommendation: Plan a near-term fix — a public PoC already exists.
Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of the restricted directory on the remote server.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/154196/Nimble-Streamer-3.x-Directory-Traversal.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47301unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.