
Application Details
SimpleHelp remote support software allows support professionals to assist customers remotely, wherever they are.
Vulnerability
SimpleHelp remote support software v5.5.7 and earlier is affected by multiple path traversal vulnerabilities.
Identification
Remote attackers can download arbitrary files from the SimpleHelp host via crafted HTTP requests. This exposes sensitive files, including server configuration, hashed user passwords, and various secrets.
GET /index.php?a=../../../../serverconfig.xml
Detection
By turning this request into a traffic file and a matching rule, we are able to detect directory traversal attempts by an unauthenticated remote attacker.
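The matching idea described above, as an added Python example; it is not Idappcom's signature 8025682 or any vendor code. The function names, the decode limit and every sample line except the first (the request shown above) are assumptions constructed for illustration. Values are percent-decoded before matching so that an encoded form of the same request still alerts, while ordinary file names containing ".." do not.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample request lines; the first is the request shown in the advisory.
SAMPLE_REQUESTS = [
    "GET /index.php?a=../../../../serverconfig.xml HTTP/1.1",
    "GET /index.php?a=%2e%2e%2f%2e%2e%2fserverconfig.xml HTTP/1.1",
    "GET /index.php?a=branding/logo.png HTTP/1.1",
    "GET /index.php?a=release..notes.txt HTTP/1.1",
]

# A ".." that forms a whole path segment, after separators are normalised to "/".
DOTDOT_SEGMENT = re.compile(r"(?:^|/)\.\.(?:/|$)")
MAX_DECODE_ROUNDS = 3  # assumed limit on repeated percent-decoding


def fully_decode(value):
    """Percent-decode repeatedly so multiply-encoded input is also normalised."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def traversal_params(request_line):
    """Return names of query parameters whose decoded value has a '..' segment."""
    parts = request_line.split(" ")
    if len(parts) < 2:
        return []
    hits = []
    query = urlsplit(parts[1]).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        normalised = fully_decode(value).replace("\\", "/")
        if DOTDOT_SEGMENT.search(normalised):
            hits.append(name)
    return hits


def scan(request_lines):
    """Return the request lines that contain a traversal attempt."""
    return [line for line in request_lines if traversal_params(line)]


if __name__ == "__main__":
    for line in scan(SAMPLE_REQUESTS):
        print("ALERT path traversal:", line)
```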
Coverage
Idappcom have created signature 8025682 along with a traffic file for this vulnerability.
Traffic IQ
If you are concerned that your business may be at risk from this vulnerability or others, why not try out our Traffic IQ software, which can scan your defences and report any issues? Learn more here: https://www.idappcom.co.uk/traffic-iq-professional