Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-23334 PoC — aiohttp 路径遍历漏洞

Source
https://github.com/BestDevOfc/CVE-2024-23334-PoC
Associated Vulnerability
Title:aiohttp 路径遍历漏洞 (CVE-2024-23334)
Description:aiohttp是一个开源的用于 asyncio 和 Python 的异步 HTTP 客户端/服务器框架。 aiohttp 3.9.2之前版本存在路径遍历漏洞,该漏洞源于当follow_symlinks设置为 True 时,不会进行检查读取的文件是否位于根目录内,这可能会导致目录遍历漏洞。
Description
A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1
Readme
# CVE-2024-23334-PoC
A proof of concept of the path traversal vulnerability in the python AioHTTP library =&lt; 3.9.1
File Snapshot

 [4.0K]  /data/pocs/29673db6c627704e8d80a9494bfea6966290c4ab
├── [ 526]  main.py
└── [ 118]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.