mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
832 B
832 B
CVE-2020-11490
Description
Manage::Certificates in Zen Load Balancer 3.10.1 allows remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the index.cgi cert_issuer, cert_division, cert_organization, cert_locality, cert_state, cert_country, or cert_email parameter.
POC
Reference
- http://code610.blogspot.com/2020/03/pentesting-zen-load-balancer-quick.html
- https://github.com/c610/tmp/blob/master/zenload4patreons.zip
Github
No PoCs found on GitHub currently.