Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-3374 PoC — RStudio Shiny Server 路径遍历漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-3374.yaml
Associated Vulnerability
Title:RStudio Shiny Server 路径遍历漏洞 (CVE-2021-3374)
Description:RStudio Shiny Server是美国RStudio公司的一个应用服务器。将Shiny Web应用程序和交互式文档放在网上。 RStudio Shiny Server before 1.5.16 存在路径遍历漏洞,攻击者可利用该漏洞读取应用程序源代码。
Description
Rstudio Shiny Server prior to 1.5.16 is vulnerable to local file inclusion and source code leakage. This can be exploited by appending an encoded slash to the URL.
File Snapshot

 id: CVE-2021-3374

info:
  name: Rstudio Shiny Server <1.5.16 - Local File Inclusion
  author: geekn

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.