What is CVE-2012-10061?

CVE-2012-10061 is a vulnerability in Sockso Project Music Host Server, classified under Path Traversal. Published 2025-08-20.

Is CVE-2012-10061 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Sockso Project Music Host Server

CVE-2012-10061

Sockso Music Host Server versions <= 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.556 (98.1th percentile) — read the EPSS interpretation.

Affected products

Sockso Project Music Host Server — versions 0

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

rapid7/metasploit-framework

References

web.archive.org/web/20120326095835/http://sockso.pu-gh.com/ (product, patch)
raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/… (exploit)
github.com/rodnaph/sockso (product)
aluigi.altervista.org/adv/sockso_1-adv.txt (technical-description, exploit)
www.exploit-db.com/exploits/18605 (exploit)
www.vulncheck.com/advisories/sockso-music-host-server-path-traversal (third-party-advisory)

Frequently asked questions

What is CVE-2012-10061?: CVE-2012-10061 is a vulnerability in Sockso Project Music Host Server, classified under Path Traversal. Published 2025-08-20.
Is CVE-2012-10061 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.