GobyVuls/SaltStack/CVE-2021-25282/README.md

# SaltStack pillar_roots.write File Write (CVE-2021-25282)

An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.

**FOFA query rule**: [app="SALTSTACK-产品"](https://fofa.so/result?qbase64=YXBwPSJTQUxUU1RBQ0st5Lqn5ZOBIg%3D%3D)

# Demo

![](CVE-2021-25282.gif)
add CVE-2021-25282 2021-07-13 11:40:32 +08:00			`# SaltStack pillar_roots.write File Write (CVE-2021-25282)`

			`An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.`

			`FOFA query rule: [app="SALTSTACK-产品"](https://fofa.so/result?qbase64=YXBwPSJTQUxUU1RBQ0st5Lqn5ZOBIg%3D%3D)`

			`# Demo`

			`![](CVE-2021-25282.gif)`