Directory Traversal Vulnerability in Ericsson Drutt Mobile Service Delivery Platform
CVE-2015-2166

Currently unrated

Key Information:

Vendor

Ericsson

Status
Drutt Mobile Service Delivery Platform
Vendor
CVE Published:
6 April 2015

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 77%

What is CVE-2015-2166?

A directory traversal vulnerability exists in the Instance Monitor component of the Ericsson Drutt Mobile Service Delivery Platform (MSDP) versions 4, 5, and 6. This vulnerability allows remote attackers to bypass access controls and read arbitrary files by exploiting a crafted URI that includes encoded dot-dot-slash sequences. Successful exploitation could lead to unauthorized access to sensitive files, posing a significant risk to affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2015-2166-EXPLOIT
Created by K3ysTr0K3R

References

http://packetstormsecurity.com/files/131233/Ericsson-Drut...
x_refsource_MISC
http://www.securityfocus.com/bid/73901
vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/36619/
exploitx_refsource_EXPLOIT-DB

EPSS Score

77% chance of being exploited in the next 30 days.

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.