CVE-2017-1000028

Published: 17/07/2017 Updated: 03/05/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 516
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Oracle GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated directory traversal, which can be exploited by issuing a specially crafted HTTP GET request.

Vulnerable Product

oracle glassfish server 4.1

Exploits

Trustwave SpiderLabs Security Advisory TWSL2015-016: Path Traversal in Oracle GlassFish Server Open Source Edition Published: 08/27/2015 Version: 10 Vendor: Oracle Corporation (Project sponsored by Oracle) Product: GlassFish Server Open Source Edition Version affected: 4.1 and prior versions Product description: Built using the GlassFish Serve ...
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Auxiliary include Msf::Auxiliary::Report include Msf::Auxiliary::Scanner include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, ...
# Exploit title: Oracle Glassfish OSE 41 - Path Traversal (Metasploit) # Author: Dhiraj Mishra # Date: 2018-08-14 # Software: Oracle Glassfish Server OSE # Version: 41 # Software link: downloadoraclecom/glassfish/41/release/glassfish-41zip # CVE: 2017-1000028 ## # This module requires Metasploit: metasploitcom/download # Cur ...

Github Repositories

POC&EXP for GlassFish<4.1.1(not including 4.1.1).

CVE-2017-1000028 POC&EXP for GlassFish<4.1.1 (not including 4.1.1)
Param:
-u: For single url but without outputting the /etc/passwd
-ut: For single url but with outputting the /etc/passwd
-f: Read url from the url.txt and prove it if the url is vulnerable
-c: This must be used with the parameter "-u", like: python3 CVE-2017-1000028.py -u xxxxxxxxxx