CVE-2015-1830

Published: 19/08/2015 Updated: 13/02/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 510
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x prior to 5.11.2 for Windows allows remote malicious users to create JSP files in arbitrary directories via unspecified vectors.

Vulnerable Product

apache activemq 5.0.0

apache activemq 5.1.0

apache activemq 5.2.0

apache activemq 5.3.0

apache activemq 5.3.1

apache activemq 5.3.2

apache activemq 5.4.0

apache activemq 5.4.1

apache activemq 5.4.2

apache activemq 5.4.3

apache activemq 5.5.0

apache activemq 5.5.1

apache activemq 5.6.0

apache activemq 5.7.0

apache activemq 5.8.0

apache activemq 5.9.0

apache activemq 5.9.1

apache activemq 5.10.0

apache activemq 5.10.1

apache activemq 5.10.2

apache activemq 5.11.0

apache activemq 5.11.1

Vendor Advisories

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors ...

Exploits

This Metasploit module exploits a directory traversal vulnerability (CVE-2015-1830) in Apache ActiveMQ versions 5.x before 5.11.2 for Windows. The module tries to upload a JSP payload to the /admin directory via the traversal path /fileserver/\\admin\\ using an HTTP PUT request with the default ActiveMQ credentials admin:admin (or other credentia ...

    ##
    # This module requires Metasploit: metasploit.com/download
    # Current source: github.com/rapid7/metasploit-framework
    ##
    class MetasploitModule < Msf::Exploit::Remote
      Rank = ExcellentRanking
      include Msf::Exploit::Remote::HttpClient
      def initialize(info = {})
        super(update_info(info, 'Name' => 'Apach ...

I have recently been playing with Apache ActiveMQ, and came across a simple but interesting directory traversal flaw in the fileserver upload/download functionality. I have only been able to reproduce this on Windows, i.e. where "\" is a path delimiter. An attacker could use this flaw to upload arbitrary files to the server, including a JSP shell ...

Github Repositories

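bgscan vulnerability integration tool

bgscan: bgscan vulnerability integration tool. Note: some of the code was taken from the internet and used with direct modifications. 1. Project file structure:

    ├── bgscanpy
    ├── awvs
    │   ├── awvspy
    │   └── urltxt
    ├── bgscanpy
    ├── fofa
    │   ├── __init__py
    │   └── fofapy
    ├── nmap_scan
    │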