From 5065e78de2a64891f68d2b9da69fa5cc5a454fac Mon Sep 17 00:00:00 2001 From: Goby <50955360+gobysec@users.noreply.github.com> Date: Thu, 28 Mar 2024 18:52:32 +0800 Subject: [PATCH] Create Adobe_ColdFusion_CFIDE_adminapi_servermanager_servermanager.cfc_File_Read_Vulnerability_(CVE-2024-20767).md --- ....cfc_File_Read_Vulnerability_(CVE-2024-20767).md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 Adobe_ColdFusion_CFIDE_adminapi_servermanager_servermanager.cfc_File_Read_Vulnerability_(CVE-2024-20767).md diff --git a/Adobe_ColdFusion_CFIDE_adminapi_servermanager_servermanager.cfc_File_Read_Vulnerability_(CVE-2024-20767).md b/Adobe_ColdFusion_CFIDE_adminapi_servermanager_servermanager.cfc_File_Read_Vulnerability_(CVE-2024-20767).md new file mode 100644 index 0000000..afaa40c --- /dev/null +++ b/Adobe_ColdFusion_CFIDE_adminapi_servermanager_servermanager.cfc_File_Read_Vulnerability_(CVE-2024-20767).md 
@@ -0,0 +1,13 @@ + +## Adobe ColdFusion /CFIDE/adminapi/_servermanager/servermanager.cfc File Read Vulnerability (CVE-2024-20767) + +| **Vulnerability** | Adobe ColdFusion /CFIDE/adminapi/_servermanager/servermanager.cfc File Read Vulnerability (CVE-2024-20767) | +| :----: | :-----| +| **Chinese name** | Adobe ColdFusion /CFIDE/adminapi/_servermanager/servermanager.cfc 文件读取漏洞 (CVE-2024-20767) | +| **CVSS core** | 8.2 | +| **FOFA Query** (click to view the results directly)| [app="Adobe-ColdFusion"](https://en.fofa.info/result?qbase64=Ym9keT0iL2NmYWpheC8iIHx8IGhlYWRlcj0iQ0ZUT0tFTiIgfHwgYmFubmVyPSJDRlRPS0VOIiB8fCBib2R5PSJDb2xkRnVzaW9uLkFqYXgiIHx8IGJvZHk9IjxjZnNjcmlwdD4iIHx8IHNlcnZlcj0iQ29sZEZ1c2lvbiIgfHwgdGl0bGU9IkNvbGRGdXNpb24iIHx8IChib2R5PSJjcm9zc2RvbWFpbi54bWwiICYmIGJvZHk9IkNGSURFIikgfHwgKGJvZHk9IiMwMDA4MDgiICYmIGJvZHk9IiNlN2U3ZTciKQ%3D%3D)| +| **Number of assets affected** | 504562 | +| **Description** | Adobe ColdFusion is a commercial application server developed by Adobe for web application development. The vulnerability allows an attacker to read important system files (e.g., database configuration files, system configuration files), database configuration files, etc., resulting in an extremely insecure web site.| +| **Impact** | The vulnerability allows an attacker to read important system files (e.g., database configuration files, system configuration files), database configuration files, etc., resulting in an extremely insecure web site. | + +![](https://s3.bmp.ovh/imgs/2024/03/28/d8f5c5bf74cb4017.gif).
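Review bot: The **Description** and **Impact** rows contain the same sentence word for word, and that sentence lists "database configuration files" twice. Keep the product summary and the file-read statement in Description, remove the repeated phrase, and use Impact only for the consequence to the site operator. The row label `CVSS core` should read `CVSS score`. The table has no row for affected versions and none for the vendor fix or a mitigation, so a reader cannot tell from this entry whether an installation is exposed or what to upgrade to; both rows should be added. The "Number of assets affected" figure sits next to a FOFA query labelled `app="Adobe-ColdFusion"`, which matches the product rather than confirmed vulnerable hosts, so the label should say it counts fingerprinted instances. On the last added line, the image has empty alt text and is followed by a stray `.`.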