Industrial Application Software Canias ERP Path Traversal Vulnerability in RMI Interface
Vulnerability
A path traversal vulnerability has been identified in Industrial Application Software (IAS) Canias ERP version 8.03. The issue arises in the RMI Interface component, specifically within the 'iasRequestFileEvent' function, which does not adequately validate the 'm_strSourceFileName' argument. A remote attacker who controls that argument can cause the server to read files outside the intended directory, resulting in unauthorized file access. An exploit has been publicly disclosed and may be in active use.
Impact
Exploitation of this vulnerability allows for unauthorized file access on the server where Canias ERP is running.
Reproduction
To reproduce this vulnerability, a remote connection to the application's RMI registry must be established. After locating the 'iasServerRemoteInterface', an 'iasRequestFileEvent' request can be created. The vulnerability is triggered by setting the 'm_strSourceFileName' field to a crafted file path that traverses directories, such as 'C:\Windows\win.ini'. Once the request is sent, the response will indicate whether the file was successfully accessed.
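The defect described above is the classic pattern of a file-serving handler that opens whatever name the client sends. The fix is to resolve the supplied name against a fixed export directory and reject anything that lands outside it. The following is an added illustration written for this page, not code from Canias ERP or IAS: the function, directory layout and request strings are all constructed here, and the check is deliberately done on the resolved path rather than on the request string so that '..' segments, backslash separators, absolute and drive-qualified names, and symlinks are all caught by one rule.

```python
import ntpath
import posixpath
import tempfile
from pathlib import Path


class PathTraversalError(ValueError):
    """Raised when a client-supplied file name escapes the export directory."""


def resolve_requested_file(base_dir: str, requested: str) -> Path:
    """Map a client-supplied file name onto a file under base_dir.

    The containment check runs on the *resolved* path, not on the request
    string, so '..' segments, backslashes and symlinks are all handled by the
    same rule: the final path must lie inside base_dir.
    """
    base = Path(base_dir).resolve()

    # Absolute names (POSIX '/etc/passwd', Windows 'C:\Windows\win.ini') and
    # drive-relative names ('C:foo') are never legitimate for a file-fetch
    # request: the client may only name a file relative to the export root.
    if (
        posixpath.isabs(requested)
        or ntpath.isabs(requested)
        or ntpath.splitdrive(requested)[0]
    ):
        raise PathTraversalError(f"absolute path rejected: {requested!r}")

    # Treat backslashes as separators on every platform so that '..\\..\\x'
    # is recognised as traversal even when the server runs on POSIX.
    normalised = requested.replace("\\", "/")

    # resolve() collapses '..' and follows symlinks, giving the real target.
    candidate = (base / normalised).resolve()
    if candidate != base and base not in candidate.parents:
        raise PathTraversalError(
            f"path escapes export root: {requested!r} -> {candidate}"
        )
    return candidate


def demo() -> dict:
    """Exercise the check against constructed requests in a throwaway directory.

    Returns a mapping of request string -> 'allowed' or 'rejected'.
    """
    with tempfile.TemporaryDirectory() as tmp:
        export_root = Path(tmp) / "export"
        (export_root / "reports").mkdir(parents=True)
        (export_root / "reports" / "q1.txt").write_text("quarterly report\n")

        # Constructed sample requests: the first two are legitimate, the rest
        # are traversal attempts of the shapes a handler must refuse.
        requests = [
            "reports/q1.txt",
            "reports/../reports/q1.txt",
            "../../etc/passwd",
            "..\\..\\Windows\\win.ini",
            "C:\\Windows\\win.ini",
            "/etc/passwd",
        ]
        outcome = {}
        for req in requests:
            try:
                resolve_requested_file(str(export_root), req)
                outcome[req] = "allowed"
            except PathTraversalError:
                outcome[req] = "rejected"
        return outcome


if __name__ == "__main__":
    for req, verdict in demo().items():
        print(f"{verdict:8s} {req}")
```

Note that the second legitimate request contains a '..' segment yet is accepted, because after resolution it still lies under the export root; a string-level filter that simply rejects '..' would break such paths while still missing encoded or symlink-based escapes. Logging every rejection with the original request string gives the operations team a ready-made detection signal for probing of this kind.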