What is CVE-2010-10012?

CVE-2010-10012 is a vulnerability in Japheth Httpdasm, classified under Path Traversal. Published 2025-07-23.

Is CVE-2010-10012 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Japheth Httpdasm

CVE-2010-10012

A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server, that allows unauthenticated attackers to read arbitrary files on the host system. By sending a specially crafted GET request containing a se…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.720 (98.8th percentile) — read the EPSS interpretation.

Affected products

Japheth Httpdasm — versions 0.92

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

rapid7/metasploit-framework

References

www.exploit-db.com/exploits/15861 (exploit)
raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/… (exploit)
www.japheth.de/httpdASM.html (product)
www.vulncheck.com/advisories/httpasm-path-traversal (third-party-advisory)

Frequently asked questions

What is CVE-2010-10012?: CVE-2010-10012 is a vulnerability in Japheth Httpdasm, classified under Path Traversal. Published 2025-07-23.
Is CVE-2010-10012 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.