What is CVE-2013-1081?

CVE-2013-1081 is a vulnerability in Novell Zenworks_mobile_management, classified under Path Traversal. Published 2013-03-11.

Is CVE-2013-1081 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Novell Zenworks_mobile_management

CVE-2013-1081

Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.806 (99.2th percentile) — read the EPSS interpretation.

Affected products

Novell Zenworks_mobile_management — versions 2.6.1, 2.7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

steponequit/CVE-2013-1081
rapid7/metasploit-framework
rapid7/metasploit-framework

References

cve@mitre.org (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2013-1081?: CVE-2013-1081 is a vulnerability in Novell Zenworks_mobile_management, classified under Path Traversal. Published 2013-03-11.
Is CVE-2013-1081 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.