CVE-2023-40297 PoC — Stakater Forecastle 安全漏洞

Source

https://github.com/sahar042/CVE-2023-40297

Associated Vulnerability

Title:Stakater Forecastle 安全漏洞 (CVE-2023-40297)
Description:Stakater Forecastle是Stakater公司的一个控制面板，可动态发现并提供启动板来访问部署在 Kubernetes 上的应用程序。 Stakater Forecastle 1.0.139 及之前版本存在安全漏洞，该漏洞源于允许在网站组件中进行目录遍历。

Description

 Stakater Forecastle 1.0.127 allows directory traversal in the website component

Readme

# CVE-2023-40297
 Stakater Forecastle => v1.0.139 allows directory traversal in the website component
 
[Vulnerability Type] Directory Traversal

[Vendor of Product] Stakater

[Affected Product Code Base] Forecastle => v1.0.139

[Affected Component] Affected component(s): URL - https://www.example.com/%5C../etc/passwd

[Attack Type] Local

[Impact Escalation of Privileges] true

[Impact Information Disclosure] true

[Attack Vectors]

Attack vector(s):
https://<domain/ip>/%5C../etc/passwd

An attacker can exploit the directory traversal vulnerability by manipulating the URL to traverse outside the intended web directory. By appending "%5C../etc/passwd" to the URL, an unauthorized user can access the sensitive system file "/etc/passwd" containing user account information. This allows the attacker to obtain privileged information about system users, potentially facilitating further attacks.

[Reference]
https://github.com/stakater/Forecastle/releases

[Discoverer]
Sahar Shlichove

File Snapshot


 [4.0K]  /data/pocs/a4d91a75bab8a8018bcff2cc3da27e41b74ad76c
├── [ 32K]  PoC.jpg
└── [ 992]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!