HTTP: SimpleHelp WebDownloadServer Directory Traversal
This signature detects attempts to exploit a known vulnerability against SimpleHelp, WebDownloadServer. A successful attack can lead to directory traversal and arbitrary code execution.
Extended Description
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing various secrets and hashed user passwords.
Affected Products
Simple-help simplehelp
References
CVE: CVE-2024-57727
URL: https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/ https://rustlang.rs/posts/simple-help/
Short Name
HTTP:DIR:SIMPLHELP-WEB-TRVRSL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2024-57727 Directory SimpleHelp Traversal WebDownloadServer
Release Date
03/18/2025
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3791
False Positive
Unknown
Vendors
Simple-help