Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-42342 PoC — GoAhead 代码问题漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/GoAhead%20Server%20%E7%8E%AF%E5%A2%83%E5%8F%98%E9%87%8F%E6%B3%A8%E5%85%A5%20CVE-2021-42342.md
Associated Vulnerability
Title:GoAhead 代码问题漏洞 (CVE-2021-42342)
Description:Embedthis Software GoAhead是美国Embedthis Software公司的一个开源的小型嵌入式 Web 服务器。 GoAhead 存在安全漏洞,该漏洞源于在文件上传过滤器中,用户表单变量可以传递给CGI脚本,而不需要使用CGI前缀。这允许将不受信任的环境变量导入到脆弱的CGI脚本。
File Snapshot

 # GoAhead Server 环境变量注入 CVE-2021-42342

## 漏洞描述

GoAhead是一个开源(商业许可)、简单、轻巧、功能强大、可以在多个平台运行的Web Server,

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.