mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 18:27:17 +00:00
871 B
871 B
CVE-2019-12864
Description
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAlertOnError=false query parameter.
POC
Reference
- https://www.esecforte.com/network-performance-monitor-india-esec-forte-technologies/
- https://www.solarwinds.com/network-performance-monitor
Github
No PoCs found on GitHub currently.