cve/CVE-2020-25068.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/file_to_disclose Directory Traversal URI. NOTE: The manufacturer indicated that the affected version does not exist. Furthermore, they indicated that they detected this problem in an internal audit more than 3 years ago and fixed it in 2017.

POC

Reference

https://www.youtube.com/watch?v=CLAHE0qUHXs
https://www.youtube.com/watch?v=CLAHE0qUHXs

Github

https://github.com/0xT11/CVE-POC
https://github.com/404notf0und/CVE-Flow
https://github.com/Live-Hack-CVE/CVE-2020-2506
https://github.com/bryanroma/CVE-2020-25068
https://github.com/developer3000S/PoC-in-GitHub
https://github.com/hectorgie/PoC-in-GitHub
https://github.com/nomi-sec/PoC-in-GitHub

1.2 KiB Raw Blame History

CVE-2020-25068

Description

POC

Reference

Github

1.2 KiB

Raw Blame History