cve/2013/CVE-2013-5528.md

### [CVE-2013-5528](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5528)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815.

### POC

#### Reference
- http://packetstormsecurity.com/files/140071/Cisco-Unified-Communications-Manager-7-8-9-Directory-Traversal.html
- https://www.exploit-db.com/exploits/40887/

#### Github
- https://github.com/ARPSyndicate/kenzer-templates
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2013-5528](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5528)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/140071/Cisco-Unified-Communications-Manager-7-8-9-Directory-Traversal.html`
			`- https://www.exploit-db.com/exploits/40887/`

			`#### Github`
			`- https://github.com/ARPSyndicate/kenzer-templates`