What is CVE-2011-2750?

CVE-2011-2750 is a vulnerability in Novell File_reporter, classified under CWE-399. Published 2011-07-17.

Is CVE-2011-2750 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Novell File_reporter

CVE-2011-2750

NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD.

EPSS: 0.708 (98.7th percentile) — read the EPSS interpretation.

Affected products

Novell File_reporter — versions 1.0.1, 1.0.1.1, 1.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-399

Public proof-of-concept exploits

rapid7/metasploit-framework

References

1025716 (vdb-entry, x_refsource_SECTRACK)
45071 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (Exploit, x_refsource_MISC)
20110627 Arbitrary files deletion in Novell File Reporter 1.0.4.2 (mailing-list, x_refsource_BUGTRAQ)
8309 (x_refsource_SREASON, third-party-advisory)

Frequently asked questions

What is CVE-2011-2750?: CVE-2011-2750 is a vulnerability in Novell File_reporter, classified under CWE-399. Published 2011-07-17.
Is CVE-2011-2750 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.