mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
691 B
691 B
CVE-2023-52252
Description
Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded Access-Control-Allow-Origin for the Remote upload endpoint.
POC
Reference
- https://harkenzo.tlstickle.com/2023-03-17-UR-Web-Triggerable-RCE/
- https://www.exploit-db.com/exploits/51309
Github
No PoCs found on GitHub currently.