cve/2020/CVE-2020-25592.md

CVE-2020-25592

Description

In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.

POC

Reference

• http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html
• http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/SexyBeast233/SecBooks
• https://github.com/vlrhsgody/CVE_Docker