Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-7012 PoC — Elasticsearch Kibana 代码注入漏洞

Source
https://github.com/vulhub/vulhub/blob/master/kibana/CVE-2020-7012/README.md
Associated Vulnerability
Title:Elasticsearch Kibana 代码注入漏洞 (CVE-2020-7012)
Description:Elasticsearch Kibana是荷兰Elasticsearch公司的一套开源的、基于浏览器的分析和搜索Elasticsearch仪表板工具。 Elasticsearch Kibana 6.7.0版本至6.8.8版本和7.0.0版本至7.6.2版本中的Upgrade Assistant存在代码注入漏洞。攻击者可利用该漏洞在Kibana进程的上下文中执行代码。
File Snapshot

 # Kibana 7.6.2 upgrade-assistant-telemetry Prototype Pollution Leads to RCE (CVE-2020-7012)

[中文版本(C

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.