Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-40083 PoC — LabStack LLC echo 输入验证错误漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-40083.yaml
Associated Vulnerability
Title:LabStack LLC echo 输入验证错误漏洞 (CVE-2022-40083)
Description:echo是LabStack LLC开源的一个高性能、极简的 Go web 框架。 LabStack LLC echo v4.8.0 版本存在安全漏洞,该漏洞源于 Static Handler 组件存在开放重定向问题,可能导致服务器端请求伪造(SSRF)。
Description
Labstack Echo 4.8.0 contains an open redirect vulnerability via the Static Handler component. An attacker can leverage this vulnerability to cause server-side request forgery, making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.
File Snapshot

 id: CVE-2022-40083

info:
  name: Labstack Echo 4.8.0 - Open Redirect
  author: pdteam
  severity: c

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.