.. / CVE-2023-39026

Exploit for FileMage Gateway - Directory Traversal (CVE-2023-39026)

Description:

Directory Traversal vulnerability in FileMage Gateway Windows Deployments v.1.10.8 and before allows a remote attacker to obtain sensitive information via a crafted request to the /mgmt/ component.

Nuclei Template

View the template here CVE-2023-39026.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-39026.yaml
Copy

References:

https://www.filemage.io/docs/updates.html#change-log
https://nvd.nist.gov/vuln/detail/CVE-2023-39026
http://packetstormsecurity.com/files/174491/FileMage-Gateway-1.10.9-Local-File-Inclusion.html
https://raindayzz.com/technicalblog/2023/08/20/FileMage-Vulnerability.html
https://securityonline.info/cve-2023-39026-filemage-gateway-directory-traversal-vulnerability/