CVE-2024-53591 PoC — Seclore 安全漏洞

Source

https://github.com/aljoharasubaie/CVE-2024-53591

Associated Vulnerability

Title:Seclore 安全漏洞 (CVE-2024-53591)
Description:Seclore是Seclore公司的一个安全数据共享软件。 Seclore 3.27.5.0版本存在安全漏洞，该漏洞源于登录页面容易受到暴力破解攻击。

Readme

# CVE-2024-53591

#### Des: 
An issue in the login page of Seclore v3.27.5.0 allows attackers to enumerate valid domains (internal service) via a brute force attack.

#### POC: 
https://company/policyserver/redirectTprepositoryEntryAction.do?repoCode=10006, brute force repoCode parameter to find all hosted domains & internal services

## Discovered by Aljohara Abdulmohsen Alsubaie..

File Snapshot


 [4.0K]  /data/pocs/70d218f9e629227a3ae13a61af249d14be7cdff6
└── [ 388]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.