CVE-2021-3019: CVE-2021-3019

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-3019

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

ffay lanproxy 0.1 allows Directory Traversal to read /../conf/config.properties to obtain credentials for a connection to the intranet.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Ffay Lanproxy 路径遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Ffay Lanproxy是Ffay个人开发者的一个可将局域网内服务代理到公网的内网穿透工具。 ffay lanproxy 0.1 存在路径遍历漏洞，该漏洞允许目录遍历读取/../conf/config.properties来获取到内部网连接的凭据。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-3019

#	POC Description	Source Link	Shenlong Link
1	lanproxy 目录遍历漏洞批量检测 (CVE-2021-3019)	https://github.com/B1anda0/CVE-2021-3019	POC Details
2	CVE-2021-3019 lanproxy目录遍历任意文件读取漏洞探测POC	https://github.com/0xf4n9x/CVE-2021-3019	POC Details
3	lanproxy 目录遍历漏洞批量检测用户名密码POC (CVE-2021-3019)	https://github.com/Maksim-venus/CVE-2021-3019	POC Details
4	[CVE-2021-3019] LanProxy Directory Traversal	https://github.com/murataydemir/CVE-2021-3019	POC Details
5	lanproxy(CVE-2021-3019)目录遍历	https://github.com/Aoyuh/cve-2021-3019	POC Details
6	None	https://github.com/givemefivw/CVE-2021-3019	POC Details
7	None	https://github.com/qiezi-maozi/CVE-2021-3019-Lanproxy	POC Details
8	CVE-2021-3019	https://github.com/a1665454764/CVE-2021-3019	POC Details
9	ffay lanproxy 0.1 is susceptible to a directory traversal vulnerability that could let attackers read /../conf/config.properties to obtain credentials for a connection to the intranet.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-3019.yaml	POC Details
10	None	https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Lanproxy%20%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86%E6%BC%8F%E6%B4%9E%20CVE-2021-3019.md	POC Details
11	None	https://github.com/chaitin/xray-plugins/blob/main/poc/manual/lanproxy-cve-2021-3019-lfi.yml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-3019

Please Login to view more intelligence information

https://github.com/maybe-why-not/lanproxy/issues/1x_refsource_MISC
https://github.com/ffay/lanproxy/commits/masterx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2021-3019

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-3019

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2021-3019

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-3019

III. Intelligence Information for CVE-2021-3019

IV. Related Vulnerabilities

V. Comments for CVE-2021-3019

Leave a comment