CVE-2021-26814 PoC: Wazuh Path Traversal Vulnerability

Source
Associated Vulnerability
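Title: Wazuh Path Traversal Vulnerability (CVE-2021-26814)
Description: Wazuh is an open-source application from Wazuh. It is used to collect, aggregate, index and analyze security data, helping organizations detect intrusions, threats and behavioral anomalies. Wazuh API versions 4.0.0 through 4.0.3 contain a path traversal vulnerability that allows an authenticated user to execute arbitrary code with administrative privileges via the manager files URI.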
Description
PoC of CVE-2021-26814
Readme
# CVE-2021-26814

A simple Python PoC to exploit **CVE-2021-26814** and gain RCE on **Wazuh Manager** (v.4.0.0-4.0.3) through the API service.

To run it, simply make the .py script executable and launch it with the required parameters.

```
PoC.py [-h] -user USERNAME -pwd PASSWORD -lip SRCIP -lport SRCPORT -tip
              DESTIP -tport DESTPORT
```

**WARNING**: the `wazuh-apid.py` file on the manager **WILL BE CHANGED!** A local file called `backup.py` is created so that the original version can be restored after the exploit is completed.

## Authors

**Davide Meacci** - [Twitter](https://twitter.com/WickdDavid)

## License

This project is licensed under the MIT License; see the [LICENSE.md](LICENSE.md) file for details.
File Snapshot

```
[4.0K] /data/pocs/a5f13b493859c6192d427ad51cd673b030e659fc
├── [1.0K] LICENSE.md
├── [3.9K] PoC.py
└── [ 734] README.md

0 directories, 3 files
```