CVE-2021-27963 PoC — SonLogger 访问控制错误漏洞

Source

Associated Vulnerability

Description

SonLogger Vulns (CVE-2021-27963, CVE-2021-27964)

Readme

## CVE-2021-27964 | SonLogger - Unauthenticated Arbitrary File Upload (Metasploit)

* Date: 30-01-2021
* Exploit Author: Berkan Er <b3rsec@protonmail.com>
* Vendor Homepage: https://www.sonlogger.com/
* Software Link: https://www.sonlogger.com/download
* Version: 4.2.3.3
* Tested on: Windows 10 Enterprise x64
* CVE: 2021-27964
* Disclosure Date: 01-03-2021

This module exploits an unauthenticated arbitrary file upload via insecure POST request. It has been tested on version 4.2.3.3 in Windows 10 Enterprise.

#### POC:
[![asciicast](https://asciinema.org/a/389082.svg)](https://asciinema.org/a/389082)

---

## CVE-2021-27963 | SonLogger - Insecure SuperAdmin Creation (Python)

* Date: 30-01-2021
* Exploit Author: Berkan Er <b3rsec@protonmail.com>
* Vendor Homepage: https://www.sonlogger.com/
* Software Link: https://www.sonlogger.com/download
* Version: 4.2.3.3
* Tested on: Windows 10 Enterprise x64
* CVE: 2021-27963
* Disclosure Date: 01-03-2021

This module exploit creates user with superadmin profile and shows some information about the application via insecure POST request. It has been tested on version 4.2.3.3 in Windows 10 Enterprise.

#### POC:
[![asciicast](https://asciinema.org/a/394640.svg)](https://asciinema.org/a/394640)

File Snapshot

 [4.0K]  /data/pocs/3b7d9d61482ad1bc80c1af1e06e941de514bbee0
├── [1.2K]  README.md
├── [4.3K]  sonlogger_arbitrary_fileupload.rb
└── [3.1K]  sonlogger-superadmin_create.py

0 directories, 3 files

Remarks