Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-41569 PoC — Sas Institute SAS/Intrnet 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-41569.yaml
Associated Vulnerability
Title:Sas Institute SAS/Intrnet 安全漏洞 (CVE-2021-41569)
Description:Sas Institute Sas/IntrNet是美国Sas Institute公司的一套 Cgi 和 Java 工具。用于创建和部署支持 Web 的报告和应用程序。 Sas Institute SAS/Intrnet存在安全漏洞,该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。
Description
SAS/Internet 9.4 build 1520 and earlier allows local file inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro.
File Snapshot

 id: CVE-2021-41569

info:
  name: SAS/Internet 9.4 1520 - Local File Inclusion
  author: 0x_Akoko
  

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.