CVE-2018-10201 Scanner

NComputing vSpace Pro is a virtualization platform used to deliver virtual desktops, applications and servers. The platform enables multiple users to share a single operating system instance. This way, computing resources are maximized and costs are reduced. NComputing vSpace Pro is ideal for education, healthcare, SMBs, and enterprise environments. It provides high-performance and secured access to virtualized applications and desktops from any device and location connected to the internet. Overall, NComputing vSpace Pro is a powerful solution for organizations seeking to enhance productivity, reduce costs and streamline IT operations.

CVE-2018-10201 is a critical vulnerability found in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. This vulnerability allows attackers to read arbitrary files located outside the root directory of the web server without authorization. Attackers can use directory-traversal patterns like .../, ...\, ..../, or ....\ with a crafted URL to exploit the vulnerability via TCP port 8667. Such exploitation can lead to unauthorized access to sensitive data, system compromise, and other malicious activities.

When exploited, the CVE-2018-10201 vulnerability can have severe consequences for an organization. Attackers can read confidential files, extract sensitive information, or tamper with critical data. In some cases, they can install malware to compromise the system and conduct further attacks. An attack on an organization's IT infrastructure can result in significant financial and reputational loss. It is, therefore, crucial to take preventive measures to protect against this vulnerability.

It is important to note that s4e.io provides a reliable and efficient platform for identifying vulnerabilities in digital assets. With its pro features, users can easily and quickly access information about vulnerabilities such as CVE-2018-10201 and other threats that may affect their digital assets. s4e.io not only offers vulnerability intelligence but helps with threat mitigation, giving users the peace of mind to focus on core business operations. In conclusion, protecting against vulnerabilities such as CVE-2018-10201 is crucial for organizations seeking to keep their digital assets secure and optimal.

REFERENCES

• http://www.kwell.net/kwell_blog/?p=5199
• https://support.ncomputing.com/portal/kb/articles/ncomputing-health-monitor-server-vulnerability-patch
• https://www.exploit-db.com/exploits/44497/
• https://www.kwell.net/kwell/index.php?option=com_newsfeeds&view=newsfeed&id=15&Itemid=173&lang=es