CVE-2012-10048 | Zenoss Core 3.x showdaemonXMLConfig Endpoint ZenossInfo.py Popen daemon path traversal (Exploit 20205 / EDB-20205)

Inserito da Angelo Barbosa | Ago 8, 2025 | CVE

A vulnerability was found in Zenoss Core 3.x. It has been declared as critical. Affected by this vulnerability is the function Popen of the file ZenossInfo.py of the component showdaemonXMLConfig Endpoint. The manipulation of the argument daemon leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is known as CVE-2012-10048. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2012-10048 | Zenoss Core 3.x showdaemonXMLConfig Endpoint ZenossInfo.py Popen daemon path traversal (Exploit 20205 / EDB-20205)

Post correlati

CVE-2023-7106 | code-projects E-Commerce Website 1.0 product_details.php prod_id sql injection

CVE-2024-41668 | cbioportal up to 6.0.11 /proxy server-side request forgery (GHSA-9h44-r3c3-q7rm)

CVE-2024-12980 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php fln_update fname/lname cross site scripting

CVE-2025-1495 | IBM Business Automation Workflow up to 24.0.0/24.0.1 IF001 improper authorization