CVE-2024-50848 PoC — RWS WorldServer 安全漏洞

Source

https://github.com/1mhr4b/CVE-2024-50848

Associated Vulnerability

Title:RWS WorldServer 安全漏洞 (CVE-2024-50848)
Description:RWS WorldServer是英国RWS公司的一个灵活的企业级翻译管理系统。 RWS WorldServer v11.8.2版本存在安全漏洞，该漏洞源于存在XML外部实体(XXE)漏洞，攻击者可以通过提供精心设计的tmx文件来访问敏感信息并执行任意命令。

Readme

# CVE-2024-50848: XXE in the WorldServer v11.8.2

An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import functionalities of WorldServer v11.8.2 might lead to access sensitive system information and execute arbitrary commands via supplying a crafted .tmx file.

To exploit this vulnerability, an authenticated attacker has to craft a .tmx file containing the malicious payload with the path to the existing system file or directory. After uploading the file with malicious content, the target server will respond with the specified system folder or file content in the warning message.

Discovered by Nikita Hrab, July 2024

References:
https://www.trados.com/product/worldserver/

File Snapshot


 [4.0K]  /data/pocs/6607398b33bfc01b7663197e6340d6babe03aa80
├── [ 300]  PoC.tmx
└── [ 719]  README.md

1 directory, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!