mirror of https://github.com/qwqdanchun/Goby.git
{
"Name": "SaltStack pillar_roots.write File Write (CVE-2021-25282)",
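"Description": "An issue was discovered in SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal. When combined with CVE-2021-25281 (salt-api does not honor eauth credentials for the wheel_async client), the write is reachable without authentication.",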
"Product": "SaltStack",
"Homepage": "https://github.com/saltstack/salt",
"DisclosureDate": "2021-02-27",
"Author": "ovi3",
"FofaQuery": "",
"GobyQuery": "header=\"application/json\" && header=\"CherryPy\" && body=\"clients\"",
"Level": "3",
"Impact": "",
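"Recommendation": "Upgrade SaltStack Salt to 3002.5 or later, and restrict network access to the salt-api endpoint to trusted management hosts.",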
"Translation": null,
"References": [],
"RealReferences": [
"http://packetstormsecurity.com/files/162058/SaltStack-Salt-API-Unauthenticated-Remote-Command-Execution.html",
"https://github.com/saltstack/salt/releases",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7GRVZ5WAEI3XFN2BDTL6DDXFS5HYSDVB/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUGLOJ6NXLCIFRD2JTXBYQEMAEF2B6XH/",
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOGNT2XWPOYV7YT75DN7PS4GIYWFKOK5/",
"https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
"https://security.gentoo.org/glsa/202103-01",
"https://nvd.nist.gov/vuln/detail/CVE-2021-25282",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25282",
"https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/",
"https://github.com/Immersive-Labs-Sec/CVE-2021-25281/blob/main/cve-2021-25281.py"
],
"HasExp": true,
"ExpParams": [
{
"name": "path",
"type": "input",
"value": "../../../../../../../../../../tmp/test",
"show": "attackType=write_file"
},
{
"name": "data",
"type": "input",
"value": "file content",
"show": "attackType=write_file"
},
{
"name": "attackType",
"type": "select",
"value": "goby_shell_linux,write_file",
"show": ""
}
],
"Is0day": false,
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": null,
"ExploitSteps": null,
"VulType": null,
"Tags": [
"filewrite", "rce"
],
"CVEIDs": [
"CVE-2021-25281",
"CVE-2021-25282"
],
"CVSSScore": "9.1",
"CNNVDIDs": null,
"AttackSurfaces": {
"Application": [
"SaltStack"
],
"Support": null,
"Service": null,
"System": null,
"Hardware": null
},
"Disable": false
}