What is CVE-2012-6530?

CVE-2012-6530 is a vulnerability in Sysax Multi_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2013-01-31.

Is CVE-2012-6530 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Sysax Multi_server

CVE-2012-6530

Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.

Vulnerability class: Buffer Overflow

EPSS: 0.638 (98.4th percentile) — read the EPSS interpretation.

Affected products

Sysax Multi_server — versions 4.3, 4.5
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

cve@mitre.org (Exploit, x_refsource_MISC)
18382 (Exploit, exploit, x_refsource_EXPLOIT-DB)
18420 (Exploit, exploit, x_refsource_EXPLOIT-DB)
51548 (Exploit, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2012-6530?: CVE-2012-6530 is a vulnerability in Sysax Multi_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2013-01-31.
Is CVE-2012-6530 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.