CVE-2019-16064

9.6 CRITICAL

📋 TL;DR

CVE-2019-16064 is a directory traversal vulnerability in NETSAS Enigma NMS that allows authenticated attackers to access files outside the web root. This enables reading, modifying, and deleting files on the server. All users running version 65.0.0 or earlier are affected.

💻 Affected Systems

Products:
  • NETSAS Enigma NMS
Versions: 65.0.0 and prior
Operating Systems: All platforms running the vulnerable software
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access, but default installations are vulnerable.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete server compromise through arbitrary file upload leading to remote code execution, credential theft, or data destruction.

🟠 Likely Case

Unauthorized access to sensitive configuration files, application data, and system information leading to data breach or service disruption.

🟢 If Mitigated

Limited impact with proper file permissions, web server sandboxing, and network segmentation preventing lateral movement.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires valid credentials but uses simple path traversal techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 65.0.0

Vendor Advisory: https://www.mogozobo.com/?p=3647

Restart Required: Yes

Instructions:

1. Upgrade to the latest version of NETSAS Enigma NMS.
2. Restart the application service.
3. Verify the fix by testing directory traversal attempts.

🔧 Temporary Workarounds

Web Server File Restriction

all

Configure web server to restrict access to parent directories

# Apache: Set AllowOverride None in httpd.conf
# Nginx: Use 'deny all' in location blocks for sensitive paths

Application Sandboxing

all

Run web server with minimal privileges in restricted directory

# Linux: chroot jail setup
# Windows: Use AppLocker or similar restrictions

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Enigma NMS from critical systems
  • Deploy web application firewall (WAF) with path traversal protection rules

🔍 How to Verify

Check if Vulnerable:

Attempt directory traversal using authenticated session: try accessing ../../etc/passwd or similar paths

Check Version:

Check application version in web interface or configuration files

Verify Fix Applied:

Repeat the same directory traversal attempts after patching; they should return access denied errors

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed requests containing ../ or ..\ sequences in web logs
  • Unusual file access patterns from authenticated users

Network Indicators:

  • HTTP requests containing ../ or ..\ sequences
  • Unexpected file uploads to non-standard paths

SIEM Query:

web_access_logs WHERE (url CONTAINS '../' OR url CONTAINS '..\') AND response_code = 200
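
The query above matches only literal ../ and ..\ sequences, while access logs usually record the request target in percent-encoded form. The following is an added example, not part of the original advisory or any vendor tooling: a log scan that decodes each target before matching and marks whether the request was served. The common/combined log format is an assumption, and the sample lines, `download.php` path and `file` parameter are constructed.

```python
import re
from urllib.parse import unquote

# Assumed log format (common/combined): ip ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
# A ".." segment that follows a path or parameter delimiter and ends the segment.
TRAVERSAL_RE = re.compile(r'(?:^|[\\/?=&])\.\.(?:[\\/]|$)')


def normalize(target, max_rounds=3):
    """Percent-decode repeatedly so single- and double-encoded forms are seen."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target


def find_traversal(lines):
    """Return one finding per request whose decoded target has a '..' segment."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        decoded = normalize(m["target"])
        if TRAVERSAL_RE.search(decoded):
            # served=True (2xx) means the request was answered: triage these first.
            findings.append({"ip": m["ip"], "user": m["user"], "target": decoded,
                             "served": m["status"].startswith("2")})
    return findings


# Constructed sample lines; paths and parameter names are hypothetical.
SAMPLE = [
    '10.0.0.5 - alice [01/Oct/2019:10:00:01 +0000] "GET /index.php?page=dashboard HTTP/1.1" 200 5120',
    '10.0.0.9 - bob [01/Oct/2019:10:00:02 +0000] "GET /download.php?file=../../etc/passwd HTTP/1.1" 200 1843',
    '10.0.0.9 - bob [01/Oct/2019:10:00:03 +0000] "GET /download.php?file=%2e%2e%5c%2e%2e%5cconf HTTP/1.1" 403 210',
    '10.0.0.9 - bob [01/Oct/2019:10:00:04 +0000] "GET /download.php?file=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1843',
    '10.0.0.7 - carol [01/Oct/2019:10:00:05 +0000] "GET /reports/v1..2/summary.pdf HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for f in find_traversal(SAMPLE):
        print("SERVED " if f["served"] else "BLOCKED", f["user"], f["target"])
```

Findings with a 2xx status from an authenticated user are the ones to review first; the last sample line shows that a ".." inside a file name is not flagged.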
