CVE-2012-10062
BaseFortify

Publication date: 2025-08-30

Last updated on: 2025-09-02

Assigner: VulnCheck

Description
A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits attackers to upload a malicious PHP payload and trigger its execution via a subsequent GET request, resulting in remote code execution on the server.
Meta Information
Published: 2025-08-30
Last Modified: 2025-09-02
Generated: 2026-05-06
AI Q&A: 2025-08-30
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (1 associated CPE)
Vendor          Product   Version / Range
apache_friends  xampp     1.7.3
CWE ID    Description
CWE-306   The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-434   The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability affects the default WebDAV configuration of XAMPP version 1.7.3. The WebDAV share at /webdav/ is protected only by credentials that ship with the package (username 'wampp', password 'xampp'), so any remote attacker who knows them counts as "authenticated". With those credentials an attacker can upload arbitrary PHP code via an HTTP PUT request; because the share sits under the web root and Apache hands .php files to the PHP engine, a subsequent HTTP GET for the uploaded file executes it, giving remote code execution on the server. [1, 2, 3]


How can this vulnerability impact me? :

Exploitation of this vulnerability allows an attacker to remotely upload and execute arbitrary PHP code on the affected server. This can lead to full compromise of the server, including unauthorized access, data theft, modification or deletion of data, and disruption of services. The vulnerability has a high severity score (CVSS 8.7) indicating significant impact on confidentiality, integrity, and availability. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Check whether the XAMPP WebDAV share is reachable and accepts HTTP PUT requests with the shipped credentials (username 'wampp', password 'xampp'). Upload a harmless marker file rather than a PHP script, so the check itself does not leave executable content on a host you may not own, then confirm that the same content is served back by a GET request, and remove the file afterwards with an HTTP DELETE request. For example: curl -u wampp:xampp -T test.txt http://target-server/webdav/test.txt -v. A 201 Created response (or 204 No Content when an existing file is overwritten) on the PUT, followed by a successful GET of the file, means the system is vulnerable. If the server answers 401 with a Digest challenge, add --anyauth so that curl negotiates it instead of sending Basic credentials only. A 401 with the default credentials, or a 403 or 405 on the PUT, means this particular weakness is not present, although the share may still be exposed. [2, 3]
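The active check above tells you whether a host is exposed now; a log review tells you whether the PUT-then-GET sequence has already happened. The script below is an added example (not from this page, XAMPP or Apache Friends) that walks Apache combined-format access log lines, records accepted PUTs under /webdav/, and raises a finding when the same path is fetched afterwards. The log lines embedded in it are constructed for the example; the share path and the default username come from the advisory, and the severity labels and script extension list are the author's choices.

```python
#!/usr/bin/env python3
"""Retrospective detection of the XAMPP /webdav/ PUT-then-GET pattern.

Added example, not XAMPP's or the page's own code. Input is Apache's combined
log format; the sample lines at the bottom are constructed for the example.
"""
import re
import sys
from collections import namedtuple

WEBDAV_PREFIX = "/webdav/"           # share path named in the advisory
SCRIPT_EXTS = (".php", ".php3", ".php4", ".php5", ".phtml", ".phps")

# Combined log format: ip ident user [time] "METHOD target proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

Entry = namedtuple("Entry", "ip user time method path status")
Finding = namedtuple("Finding", "severity kind ip path time")


def parse_line(line):
    """Parse one combined-format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = m.group("target").split("?", 1)[0]   # drop the query string (?cmd=...)
    return Entry(m.group("ip"), m.group("user"), m.group("time"),
                 m.group("method"), path, int(m.group("status")))


def is_script(path):
    """True for names that XAMPP's default handler map hands to the PHP engine."""
    return path.lower().endswith(SCRIPT_EXTS)


def detect(lines):
    """Walk the log in order and correlate accepted PUTs with later fetches."""
    findings = []
    uploaded = {}   # path -> Entry of the PUT that created it
    for line in lines:
        e = parse_line(line)
        if e is None or not e.path.startswith(WEBDAV_PREFIX):
            continue
        if e.method == "PUT":
            if e.status in (201, 204):          # 201 new file, 204 overwrite
                uploaded[e.path] = e
                if is_script(e.path):
                    findings.append(Finding("high", "script_uploaded", e.ip, e.path, e.time))
            elif e.status in (401, 403):        # probing / credential guessing
                findings.append(Finding("low", "put_denied", e.ip, e.path, e.time))
        elif e.method in ("GET", "POST") and e.path in uploaded and e.status == 200:
            # On a default XAMPP install a 200 on an uploaded .php means it ran.
            if is_script(e.path):
                findings.append(Finding("critical", "uploaded_script_fetched", e.ip, e.path, e.time))
            else:
                findings.append(Finding("info", "uploaded_file_served", e.ip, e.path, e.time))
    return findings


# Constructed sample: one exploit sequence, one benign WebDAV use, one denied PUT.
SAMPLE_LOG = """\
10.0.0.5 - wampp [30/Aug/2025:10:15:01 +0000] "PUT /webdav/shell.php HTTP/1.1" 201 0 "-" "curl/8.0"
10.0.0.5 - - [30/Aug/2025:10:15:03 +0000] "GET /webdav/shell.php?cmd=whoami HTTP/1.1" 200 512 "-" "curl/8.0"
10.0.0.9 - wampp [30/Aug/2025:11:00:00 +0000] "PUT /webdav/notes.txt HTTP/1.1" 201 0 "-" "cadaver/0.23"
10.0.0.9 - - [30/Aug/2025:11:00:05 +0000] "GET /webdav/notes.txt HTTP/1.1" 200 40 "-" "Mozilla/5.0"
10.0.0.7 - - [30/Aug/2025:12:00:00 +0000] "GET /index.php HTTP/1.1" 200 100 "-" "Mozilla/5.0"
10.0.0.8 - - [30/Aug/2025:12:30:00 +0000] "PUT /webdav/x.php HTTP/1.1" 401 0 "-" "curl/8.0"
"""

if __name__ == "__main__":
    # Usage: python3 webdav_hunt.py [access.log]; without a file the sample runs.
    lines = open(sys.argv[1], errors="replace") if len(sys.argv) > 1 else SAMPLE_LOG.splitlines()
    for f in detect(lines):
        print(f"{f.severity:8} {f.kind:24} {f.ip:15} {f.path}  {f.time}")
```

Run it against the real access.log of the XAMPP host (C:\xampp\apache\logs\access.log on the default Windows layout); any "uploaded_script_fetched" line is evidence of exploitation, and the "put_denied" lines show who was knocking before that.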


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps: disable the WebDAV share (or unload mod_dav) if it is not needed; if it is, replace the shipped credentials with strong, unique ones in a fresh password file, restrict access to the /webdav/ directory to the addresses that need it, and configure Apache so that files under the WebDAV directory are never handed to the PHP engine, which removes the code-execution step even if an upload succeeds. Upgrade XAMPP to a current release or apply vendor-provided security updates. Monitoring for, and blocking, HTTP PUT requests to the /webdav/ path at a reverse proxy or WAF also limits exposure. [1, 2, 3]
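The configuration behind those steps, as an added example that is not XAMPP's own file. The "before" block is reconstructed from Apache's stock httpd-dav.conf template, which XAMPP's conf/extra/httpd-dav.conf follows; the Windows paths, the DAV-upload realm name, the management address range and the user name davuser are assumptions for the example, and the exact file shipped with 1.7.3 may differ in detail. Syntax is the Apache 2.2 access-control style that XAMPP 1.7.3's bundled httpd uses.

```apache
# ---- Before (reconstructed; assumed to match XAMPP 1.7.3's httpd-dav.conf) ----
# Anyone on the network may reach the share, and the password file that ships
# with XAMPP already contains the wampp:xampp account used by "Require user".
DavLockDB "C:/xampp/apache/var/DavLock"
Alias /webdav "C:/xampp/webdav"
<Directory "C:/xampp/webdav">
    Dav On
    Order Allow,Deny
    Allow from all
    AuthType Digest
    AuthName DAV-upload
    AuthUserFile "C:/xampp/user.passwd"
    AuthDigestProvider file
    <LimitExcept GET OPTIONS>
        Require user wampp
    </LimitExcept>
</Directory>

# ---- After, option 1: the share is not needed ----
# In httpd.conf, stop loading the DAV modules and drop the Include of
# conf/extra/httpd-dav.conf; no PUT/MKCOL/MOVE handler exists anywhere then.
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
#Include conf/extra/httpd-dav.conf

# ---- After, option 2: the share is needed ----
DavLockDB "C:/xampp/apache/var/DavLock"
Alias /webdav "C:/xampp/webdav"
<Directory "C:/xampp/webdav">
    Dav On

    # Reachable only from localhost and the management range (assumed), not "all".
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1 10.0.0.0/24

    # New password file; the shipped user.passwd is never referenced again.
    # Create it with the same realm so the Digest hashes match:
    #   htdigest -c "C:/xampp/dav.passwd" DAV-upload davuser
    AuthType Digest
    AuthName DAV-upload
    AuthUserFile "C:/xampp/dav.passwd"
    AuthDigestProvider file

    # Every method, reads included, needs a named account (no LimitExcept).
    Require user davuser

    # Nothing under the share is handed to the PHP engine, so a script that
    # does get uploaded cannot be executed by a follow-up GET (the CWE-434 half).
    # "engine off" alone would serve .php files as plain text, which is source
    # disclosure, hence the FilesMatch that refuses to serve them at all.
    php_admin_flag engine off
    RemoveHandler .php .phtml .php3 .php4 .php5
    <FilesMatch "\.(php|phtml|php3|php4|php5|phps)$">
        Order Allow,Deny
        Deny from all
    </FilesMatch>
</Directory>
```

After editing, run httpd -t from the XAMPP apache\bin directory to syntax-check, restart Apache, and repeat the curl check from the detection answer: the PUT should now fail with 401 for wampp:xampp, and a .php file uploaded with the new account should return 403 on GET rather than executing.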

