Ivanti LANDesk Management Gateway Directory Traversal Vulnerability
Vulnerability
A directory traversal vulnerability has been identified in Ivanti LANDesk Management Gateway versions through 4.2-1.9. By appending a specific encoded query string to the URI of the /client/index.php endpoint, an attacker can bypass access controls and gain unauthorized access to various endpoints within the management web panel. This exploitation could lead to the exposure of sensitive device information. It is important to note that this vulnerability affects products that are no longer supported by the maintainer.
Impact
Exploitation of this vulnerability could result in unauthorized access to sensitive device information through the management web panel.
Reproduction
To reproduce this vulnerability, append '%3F.php' to the URI of the '/client/index.php' endpoint. This will bypass access controls and allow access to other endpoints, such as '/client/index.php%3F.php/gsb/firewall.php', potentially exposing sensitive device information.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.