Mutiny < 5.0-1.11 Multiple Directory Traversals

High Nessus Network Monitor Plugin ID 6834


The remote server contains a network monitoring application that is affected by multiple directory traversal vulnerabilities


Versions of Mutiny prior to 5.0-1.11 are reportedly affected by multiple directory traversal vulnerabilities that could allow an authenticated attacker to upload, delete, and move files on the remote system with root priveleges. The functions for UPLOAD, DELETE, CUT, and COPY used in the 'Documents' section of the web fronted of Mutiny are affected


Upgrade to version 5.0-1.11 or later

See Also

Plugin Details

Severity: High

ID: 6834

File Name: 6834.prm

Family: Web Servers

Published: 2013/05/21

Modified: 2016/02/05

Dependencies: 1442

Nessus ID: 66497

Risk Information

Risk Factor: High


Base Score: 8.5

Temporal Score: 7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 8

Temporal Score: 7.4


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2013/05/15

Vulnerability Publication Date: 2013/05/15

Exploitable With

Metasploit (Mutiny 5 Arbitrary File Upload)

Reference Information

CVE: CVE-2013-0136

BID: 59883

OSVDB: 93444