Directory Traversal Vulnerability in Novell ZENworks Mobile Management
CVE-2013-1081

Currently unrated

Key Information:

Vendor: Novell
Status: Zenworks Mobile Management
Vendor: CVE Published:; 11 March 2013

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 83%

What is CVE-2013-1081?

A directory traversal vulnerability exists in the MDM.php component of Novell ZENworks Mobile Management versions 2.6.1 and 2.7.0. This flaw allows remote attackers to manipulate the language parameter to access and execute arbitrary local files on the server, leading to potential unauthorized information disclosure and system compromise.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2013-1081
Created by steponequit

References

http://www.novell.com/support/kb/doc.php?id=7011895

x_refsource_CONFIRM

EPSS Score

83% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
🟡
Public PoC available
May 31, 2013
👾
Exploit known to exist
May 31, 2013
Vulnerability published
Mar 11, 2013