CVE-2019-7751

A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. Furthermore, this could allow for privilege escalation by dumping the local machine's SAM and SYSTEM database files, and possibly remote code execution.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://packetstormsecurity.com/files/151963/MarcomCentral-FusionPro-VDP-Creator-Directory-Traversal.html	Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/46494	Exploit Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

cpe:2.3:a:ricoh:fusionpro_vdp:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-12-31 17:15

Updated : 2023-12-10 13:13

NVD link : CVE-2019-7751

Mitre link : CVE-2019-7751

CVE.ORG link : CVE-2019-7751

JSON object : View

Products Affected

ricoh

fusionpro_vdp

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2019-7751", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-12-31T17:15:10.897", "references": [{"url": "https://packetstormsecurity.com/files/151963/MarcomCentral-FusionPro-VDP-Creator-Directory-Traversal.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/46494", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. Furthermore, this could allow for privilege escalation by dumping the local machine's SAM and SYSTEM database files, and possibly remote code execution."}, {"lang": "es", "value": "Una vulnerabilidad de inclusi\u00f3n de archivos local y un salto de directorio en el archivo FPProducerInternetServer.exe en Ricoh MarcomCentral, anteriormente PTI Marketing, FusionPro VDP versiones anteriores a la versi\u00f3n 10.0, permite a un atacante remoto liste o enumere contenido confidencial de archivos. Adem\u00e1s, esto podr\u00eda permitir una escalada de privilegios al volcar los archivos de base de datos SAM y SYSTEM de la m\u00e1quina local, y posiblemente una ejecuci\u00f3n de c\u00f3digo remota."}], "lastModified": "2020-01-14T17:18:18.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ricoh:fusionpro_vdp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3E9F66B-C490-4ABB-B6D2-8AFF432AB4CC", "versionEndExcluding": "10.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}