cve/CVE-2024-6893.md at c052d0d6949679697108fa931a00cd4220694869

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-31 10:40:54 +00:00

0xMarcio b8bb3913ae Update CVE sources 2024-08-18 19:26

2024-08-18 19:26:37 +00:00

Description

The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources.

POC

Reference

https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt

Github

https://github.com/20142995/nuclei-templates
https://github.com/fkie-cad/nvd-json-data-feeds

892 B Raw Blame History

CVE-2024-6893

Description

POC

Reference

Github

892 B

Raw Blame History