CVE-2019-11510 PoC — Pulse Secure Pulse Connect Secure 路径遍历漏洞

Source

https://github.com/es0/CVE-2019-11510_poc

Associated Vulnerability

Title:Pulse Secure Pulse Connect Secure 路径遍历漏洞 (CVE-2019-11510)
Description:Pulse Secure Pulse Connect Secure（又名PCS，前称Juniper Junos Pulse）是美国Pulse Secure公司的一套SSL VPN解决方案。 Pulse Secure PCS 9.0RX版本、8.3RX版本和8.2RX版本中存在路径遍历漏洞。该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用该漏洞访问受限目录之外的位置。

Description

PoC for CVE-2019-11510  |  Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure vulnerability

Readme

# CVE-2019-11510 PoC

Python script to exploit CVE-2019-11510 and read '/etc/passwd' file 

Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure  vulnerability
```
USAGE: python3 CVE-2019-11510.py <URL>
```

File Snapshot


 [4.0K]  /data/pocs/40a3dc74d7eda9fede9f5bcba5cd9138e5dee8f3
├── [2.4K]  CVE-2019-11510.py
├── [ 224]  README.md
└── [   9]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!