What is CVE-2012-5192?

CVE-2012-5192 is a vulnerability in Bitweaver, classified under Path Traversal. Published 2014-01-28.

Is CVE-2012-5192 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Bitweaver

CVE-2012-5192

Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and earlier allows remote attackers to read arbitrary files via "''%2F" (dot dot encoded slash) sequences in the overlay_type parameter.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.583 (98.2th percentile) — read the EPSS interpretation.

Affected products

Bitweaver — versions 1.1, 1.1.1_beta, 1.2.1
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

rapid7/metasploit-framework

References

cve@mitre.org (Exploit, x_refsource_MISC)

Frequently asked questions

What is CVE-2012-5192?: CVE-2012-5192 is a vulnerability in Bitweaver, classified under Path Traversal. Published 2014-01-28.
Is CVE-2012-5192 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.