CVE-2019-1759 PoC — Cisco IOS XE 访问控制错误漏洞

Source

https://github.com/r3m0t3nu11/CVE-2019-1759-csrf-js-rce

Associated Vulnerability

Title:Cisco IOS XE 访问控制错误漏洞 (CVE-2019-1759)
Description:Cisco IOS XE是美国思科（Cisco）公司的一套为其网络设备开发的操作系统。 Cisco IOS XE 16.x版本中的Gigabit Ethernet管理界面的访问控制列表功能存在访问控制错误漏洞。远程攻击者可借助管理界面利用该漏洞访问Gigabit Ethernet管理界面上被配置的IP地址。

Description

Bolt-cms 3.6.10 Csrf -> xss -> rce

Readme

# CVE-2019-1759
Bolt-cms 3.6.10 Csrf -> xss -> rce
[![Watch the video](https://serving.photos.photobox.com/99157763c0ef73f4a778612ab4d7b380b03761ea8d43a07801f8c3459f23930f0f06c70e.jpg)](https://drive.google.com/file/d/1TRjzOM-q8cWK1JA9cN1Auhp7Ao3AXtbp/view)

File Snapshot


 [4.0K]  /data/pocs/5e5004ac02a1fcd42c0aaf7600c701b5a50c1e2f
├── [2.3K]  csrf-exploit.html
├── [3.4K]  js-exploit.js
└── [ 258]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!