CVE-2020-8254 PoC — Pulse Secure Pulse Desktop Client 路径遍历漏洞

Source

https://github.com/mbadanoiu/CVE-2020-8254

Associated Vulnerability

Title:Pulse Secure Pulse Desktop Client 路径遍历漏洞 (CVE-2020-8254)
Description:Pulse Secure Pulse Desktop Client是美国Pulse Secure公司的一套用于访问Juniper Pulse Secure网关的终端设备的客户端软件。 Pulse Secure Desktop Client 9.1R9之前版本存在安全漏洞，该漏洞源于远程代码执行(RCE)，以下产品及版本受到影响：Windows PDC。

Description

CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client

Readme

# CVE-2020-8254: Zip Slip in Pulse Secure VPN Windows Client

A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server.

### Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found [here](https://forums.ivanti.com/s/article/SA44601?language=en_US).

### Requirements:

This vulnerability requires:
- User interaction (victim needs to click “Yes” or “Always” when asked to download the “Host Checker” software)

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2020-8254/blob/main/Pulse%20Secure%20VPN%20Windows%20Client%20-%20CVE-2020-8254.pdf).

File Snapshot


 [4.0K]  /data/pocs/aeec418cd40adfe951f5d16f951772790bab50fb
├── [1.5M]  Pulse Secure VPN Windows Client - CVE-2020-8254.pdf
└── [ 759]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!