CVE-2021-33807 PoC — Cartadis Gespage 路径遍历漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-33807.yaml

Associated Vulnerability

Title:Cartadis Gespage 路径遍历漏洞 (CVE-2021-33807)
Description:cartadis Cartadis Gespage是cartadis公司的一个应用软件。一个打印管理软件，它包括打印记帐、打印机监控、用户管理、支付、配额和重定向规则等功能，以实现对副本和打印的完整管理。 Cartadis Gespage存在路径遍历漏洞，该漏洞源于Cartadis Gespage允许在 gespage/doDownloadData 和 gespage/webapp/doDownloadData 中进行目录遍历。

Description

Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.

File Snapshot


 id: CVE-2021-33807

info:
  name: Cartadis Gespage 8.2.1 - Directory Traversal
  author: daffainfo
 

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!