Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-43287 PoC — ThoughtWorks GoCD 信息泄露漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/GoCD%20plugin%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E%20CVE-2021-43287.md
Associated Vulnerability
Title:ThoughtWorks GoCD 信息泄露漏洞 (CVE-2021-43287)
Description:ThoughtWorks GoCD是美国ThoughtWorks公司的一个免费和开源的 CI/CD 服务器。 ThoughtWorks GoCD 21.3.0之前版本存在安全漏洞,有权在 GoCD 服务器上创建新管道的攻击者可以滥用 Git URL“测试连接”功能中的命令行注入利用该漏洞来执行任意代码。
File Snapshot

 # GoCD plugin 任意文件读取漏洞 CVE-2021-43287

## 漏洞描述

*GoCD*,一个开源的持续集成和持续交付系统,可以在持续交付过程中执行编译,自动化测试,自动部署等等,

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.