CVE-2019-12890 PoC — RedwoodHQ 访问控制错误漏洞

Source

https://github.com/EthicalHCOP/CVE-2019-12890_RedxploitHQ

Associated Vulnerability

Title:RedwoodHQ 访问控制错误漏洞 (CVE-2019-12890)
Description:RedwoodHQ是一款开源的自动化测试框架。该产品支持Java、Groovy、Python和C#等编程语言，能够创建可读的关键字驱动的测试用例。 RedwoodHQ 2.5.5版本中存在访问控制错误漏洞。该漏洞源于网络系统或产品未正确限制来自未授权角色的资源访问。

Description

Use RedxploitHQ to create a new Admin user into redwoodhq and get all the functions on the framework

File Snapshot


 [4.0K]  /data/pocs/4664b71ec4fe953bc2af0be8b484602f5ba26811
└── [2.6K]  CVE-2019-12890.py

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!