Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-40661 PoC — METTLER TOLEDO IND780 路径遍历漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-40661.yaml
Associated Vulnerability
Title:METTLER TOLEDO IND780 路径遍历漏洞 (CVE-2021-40661)
Description:METTLER TOLEDO IND780是美国METTLER TOLEDO公司的一款高度灵活的终端。能够支持简单到复杂、独立到集成的称重和控制应用。 METTLER TOLEDO IND780 8.0.07 2018年3月19日、7.2.10 2012年6月18日存在安全漏洞。攻击者利用该漏洞可以访问受影响系统上的其他文件。
Description
IND780 Advanced Weighing Terminals Build 8.0.07 March 19, 2018 (SS Label 'IND780_8.0.07'), Version 7.2.10 June 18, 2012 (SS Label 'IND780_7.2.10') is vulnerable to unauthenticated local file inclusion. It is possible to traverse the folders of the affected host by providing a relative path to the 'webpage' parameter in AutoCE.ini. This could allow a remote attacker to access additional files on the affected system.
File Snapshot

 id: CVE-2021-40661

info:
  name: IND780 - Local File Inclusion
  author: For3stCo1d
  severity: hig

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.