CVE-2019-11397

CVE Database · CVE-2019-11397

CVE-2019-11397

· N/AModified

CVSS v3.1

N/A

EPSS

5.48%

Published

May 14, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 (when used with .NET Framework 4.5) allows Local File Inclusion via the FileDesc parameter.

Weaknesses (CWE)

CWE-22

Affected Products (2)

rapidflows · rapid4vulnerable

microsoft · .net_frameworkvulnerable

References (4)

http://rapidflows.com/

ProductVendor AdvisoryURL Repurposed

https://medium.com/%40javarmutt/rapid4-local-file-inclusion-0day-151c830ac74a

http://rapidflows.com/

ProductVendor AdvisoryURL Repurposed

https://medium.com/%40javarmutt/rapid4-local-file-inclusion-0day-151c830ac74a

KEV Catalog EPSS Scores Vendors All CVEs