VM Turbo Operations Manager Directory Traversal Vulnerability

Summary
This host is installed with Turbo Operations Manager and is prone to directory traversal vulnerability.
Impact
Successful exploitation will allow attackers to perform directory traversal attacks and read arbitrary files on the affected application. Impact Level: Application
Solution
Upgrade to VM Turbo Operations Manager 4.6 or later, For updates refer to http://go.vmturbo.com/cloud-edition-download.html
Insight
Input passed to the 'xml_path' parameter in '/cgi-bin/help/doIt.cgi' is not properly sanitised before being used to get the contents of a resource.
Affected
VM Turbo Operations Manager 4.5.x and earlier
Detection
Send a crafted HTTP GET request and check whether it is able read the system files to execute or not.
References