CVE-2024-45241 PoC — CentralSquare CryWolf 安全漏洞

Source

https://github.com/d4lyw/CVE-2024-45241

Associated Vulnerability

Title:CentralSquare CryWolf 安全漏洞 (CVE-2024-45241)
Description:CentralSquare CryWolf是CentralSquare公司的一个误报管理系统。 CentralSquare CryWolf 存在安全漏洞，该漏洞源于 GeneralDocs.aspx 包含一个路径遍历漏洞。

Description

Path Traversal in CentralSquare's CryWolf

Readme

# CVE-2024-45241
Path Traversal in CentralSquare's CryWolf

A path traversal vulnerability in the CryWolf (False Alarm Management) application allows unauthenticated attackers to read files outside of the working web directory leading to the disclosure of sensitive information.

By sending a traversal payload to the endpoint GeneralDocs.aspx in the rpt parameter, it is then possible to access the full contents of the file by visiting gdoc1.ashx.

Repro:

- Step 1: Visit `GeneralDocs.aspx?rpt=../web.config` in a browser with an intercepting proxy configured.
- Step 2: From the intercepting proxy, locate the GET request to `gdoc1.ashx`, this will contain the contents of `web.config`.


References:

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45241
- https://daly.wtf/cve-2024-45241-path-traversal-in-centralsquare-crywolf/

File Snapshot


 [4.0K]  /data/pocs/608336ab8d92721b876fce7831b5f80d23fbc112
└── [ 845]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!