mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
763 B
763 B
CVE-2021-33213
Description
An SSRF vulnerability in the "Upload from URL" feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to retrieve HTTP and FTP files from the internal server network by inserting an internal address.
POC
Reference
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-027.txt
- https://www.syss.de/pentest-blog/
Github
No PoCs found on GitHub currently.