Arbitrary File Deletion in Novell File Reporter by Novell
CVE-2011-2750

Currently unrated

Key Information:

Vendor: Novell
Status: File Reporter
Vendor: CVE Published:; 17 July 2011

Summary

A vulnerability exists in Novell File Reporter where the NFRAgent.exe allows remote attackers to delete arbitrary files by sending a specially crafted request. This exploit targets the SRS OPERATION 4 CMD 5 command to the /FSF/CMD endpoint, enabling unauthorized file removal, which can lead to significant data loss and unauthorized access.

References

http://securitytracker.com/id?1025716

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/45071

third-party-advisoryx_refsource_SECUNIA

http://aluigi.org/adv/nfr_2-adv.txt

x_refsource_MISC

EPSS Score

63% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 17, 2011
Vulnerability Reserved
Jul 17, 2011