### [CVE-2012-10061](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-10061)
![](https://img.shields.io/static/v1?label=Product&message=Music%20Host%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=*%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brightgreen)

### Description

Sockso Music Host Server versions <= 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize user-supplied input. Attackers can traverse directories and access sensitive files outside the intended web root.

### POC

#### Reference
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/sockso_traversal.rb
- https://www.exploit-db.com/exploits/18605
- https://www.vulncheck.com/advisories/sockso-music-host-server-path-traversal

#### Github
No PoCs found on GitHub currently.