Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2008-5862 PoC — webcamxp 目录遍历漏洞

Source
https://github.com/K3ysTr0K3R/CVE-2008-5862-EXPLOIT
Associated Vulnerability
Title:webcamxp 目录遍历漏洞 (CVE-2008-5862)
Description:webcamXP是一款商业网络摄像头软件,集成了用于共享视频的Web服务器。 webcamXP 5.3.2.375版本和5.3.2.410 build 2132版本中存在目录遍历漏洞。远程攻击者可以借助URI中的一个..%2F,来读取任意文件。
Description
A PoC exploit for CVE-2008-5862 - Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410
Readme
# CVE-2008-5862 - Directory traversal vulnerability in webcamXP 5.3.2.375 and 5.3.2.410

This repository contains an exploit for CVE-2008-5862, a security vulnerability discovered in versions 5.3.2.375 and 5.3.2.410 build 2132 of webcamXP. The exploit leverages a directory traversal flaw, allowing remote attackers to gain unauthorized access to arbitrary files and read their contents.
Vulnerability Description

CVE-2008-5862 is a critical security flaw that enables attackers to perform directory traversal attacks by manipulating the URI. By utilizing an encoded dot dot slash sequence (%2F), remote attackers can bypass access controls and retrieve sensitive information from the target system.
Exploit Details

This exploit takes advantage of the CVE-2008-5862 vulnerability to access arbitrary files on the affected webcamXP installation. By carefully crafting the request with the encoded dot dot slash sequence, the exploit can traverse the directory structure and retrieve files outside of the intended scope.

Please note that using this exploit on systems without proper authorization is illegal and unethical. This repository is intended for educational and research purposes only. The exploit code should not be used for any malicious activities.

# Disclaimer

This exploit is provided strictly for educational and research purposes. The author is not responsible for any misuse or damage caused by the utilization of this code. Usage of this exploit on systems without proper authorization is illegal, and you should only use it with appropriate permissions and responsibilities.

# Contributing

Contributions to this repository are welcome. If you find any improvements or additional functionalities that could enhance the exploit, feel free to create a pull request or open an issue to discuss the changes.

# Important!

Please note that the webcamXP software might have been updated since the discovery of this vulnerability. It is highly recommended to keep your software up to date and apply any available patches or security fixes to mitigate the risks associated with this exploit.
File Snapshot

 [4.0K]  /data/pocs/0f9d0d7571107e80744a3ed4edb3b828f8e800bb
├── [2.0K]  CVE-2008-5862.sh
└── [2.1K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.