Vulnerabilities > CVE-2018-10077 - XXE vulnerability in Vertiv Watchdog Console 3.2.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities. CVE-2018-10077,CVE-2018-10078,CVE-2018-10079. Webapps exploit for XML platform. Tags: Cross-Site Scr... |
file | exploits/xml/webapps/44493.txt |
id | EDB-ID:44493 |
last seen | 2018-05-24 |
modified | 2018-04-18 |
platform | xml |
port | |
published | 2018-04-18 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/44493/ |
title | Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities |
type | webapps |
Packetstorm
data source | https://packetstormsecurity.com/files/download/147253/geistwc322-xxexss.txt |
id | PACKETSTORM:147253 |
last seen | 2018-04-19 |
published | 2018-04-19 |
reporter | bzyo |
source | https://packetstormsecurity.com/files/147253/Geist-WatchDog-Console-3.2.2-XSS-XML-Injection-Insecure-Permissions.html |
title | Geist WatchDog Console 3.2.2 XSS / XML Injection / Insecure Permissions |
References
- http://packetstormsecurity.com/files/147253/Geist-WatchDog-Console-3.2.2-XSS-XML-Injection-Insecure-Permissions.html
- http://packetstormsecurity.com/files/147253/Geist-WatchDog-Console-3.2.2-XSS-XML-Injection-Insecure-Permissions.html
- https://www.exploit-db.com/exploits/44493/
- https://www.exploit-db.com/exploits/44493/