CVE-2013-4885
CVE-2013-4885 is a medium-severity vulnerability in Nmap with a CVSS 2.0 base score of 6.8. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 6.8)
- EPSS exploit prediction: 7% (94th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Nmap
- Published:
- Last modified:
Description
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
Frequently asked questions
- What is CVE-2013-4885?
- The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
- How severe is CVE-2013-4885?
- CVE-2013-4885 has a CVSS 2.0 base score of 6.8, rated medium severity.
- Is CVE-2013-4885 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 7% (94th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2013-4885?
- CVE-2013-4885 primarily affects Nmap. In total, 190 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2013-4885?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2013-4885 published?
- CVE-2013-4885 was published on 2013-10-26 and last updated on 2026-06-16.
References
- http://lists.opensuse.org/opensuse-updates/2013-10/msg00030.html
- http://lists.opensuse.org/opensuse-updates/2013-10/msg00035.html
- http://nmap.org/changelog.html
- http://packetstormsecurity.com/files/122719/TWSL2013-025.txt
- https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d924c3
- https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txt
Affected products (190)
- cpe:2.3:a:nmap:nmap:*:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.1:beta1:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.2:beta2:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.2:beta3:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.2:beta4:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta10:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta12:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta13:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta14:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta17:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta18:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta19:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta20:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta21:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta4:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta5:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta6:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta8:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.3:beta9:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.05:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.06:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.07:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.08:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.09:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.10:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.11:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.12:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.50:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.51:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.52:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.53:*:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.54:beta1:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.54:beta16:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.54:beta19:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.54:beta2:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.54:beta20:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.54:beta21:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.54:beta22:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.54:beta24:*:*:*:*:*:*
- cpe:2.3:a:nmap:nmap:2.54:beta25:*:*:*:*:*:*
More vulnerabilities in Nmap
- CVE-2017-18594 — High (CVSS 7.5): nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection…
- CVE-2018-15173 — High (CVSS 7.5): Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption…
- CVE-2026-58058 — Medium (CVSS 6.5): Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6_get_data_primitive…
- CVE-2018-1000161 — Medium (CVSS 5.7): nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal…