Opentext Documentum Content Server File Hijack / Privilege Escalation

Posted by deepcore on October 15, 2017 – 2:33 pm

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) does not properly validate input of the PUT_FILE RPC command which allows any authenticated user to hijack arbitrary file from the Content Server filesystem. Because some files on the Content Server filesystem are security-sensitive this security flaw leads to privilege escalation.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« AlienVault USM 5.4.2 Cross Site Request Forgery Opentext Documentum Content Server Privilege Escalation »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Opentext Documentum Content Server File Hijack / Privilege Escalation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL