CVE-2021-42560 PoC — Caldera Code Issue Vulnerability

Source
Associated Vulnerability
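Title: Caldera Code Issue Vulnerability (CVE-2021-42560)
Description: Caldera is a software suite from the French company Caldera that provides color management, imaging and processing solutions for printer devices. Caldera contains a code issue vulnerability: when the product generates a PDF document, the Debrief plugin receives base64-encoded "SVG" parameters and parses them in an incorrect manner. An attacker can use this vulnerability to carry out XXE attacks (for example, file exfiltration, server-side request forgery, out-of-band exfiltration, etc.). The following products and versions are affected: CALDERA 2.9.0.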
Description
CVE-2021-42560: Unsafe XML Parsing in MITRE Caldera
Readme
# CVE-2021-42560: Unsafe XML Parsing in MITRE Caldera

The Debrief plugin in Caldera (versions <=2.9.0) receives base64-encoded "SVG" parameters when generating a PDF. These SVGs are parsed in an unsafe manner and can be leveraged for XXE attacks (e.g. File Exfiltration, Server-Side Request Forgery, Out of Band Exfiltration, etc.).
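
A defensive check for the input described above, as an added example that is not code from Caldera or from this repository: it decodes a base64 SVG parameter and refuses any document that carries a DOCTYPE or entity declaration before it can reach an SVG renderer. The function names and the sample documents are constructed for illustration; the page does not show how the vendor's fix is implemented.

```python
import base64
from xml.parsers import expat

class UnsafeSvgError(ValueError):
    """The submitted SVG must not be handed to an XML/SVG renderer."""

def _forbid(kind):
    def handler(*_args):
        raise UnsafeSvgError(f"{kind} not allowed in SVG input")
    return handler

def check_b64_svg(b64_svg: str) -> bytes:
    """Decode a base64 SVG; return its bytes only if it has no DTD or entities."""
    try:
        raw = base64.b64decode(b64_svg, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise UnsafeSvgError("not valid base64") from exc

    parser = expat.ParserCreate()
    # XXE needs a DOCTYPE to declare entities; a report graphic needs neither,
    # so reject at the first sign of one instead of trying to sanitise it.
    parser.StartDoctypeDeclHandler = _forbid("DOCTYPE declaration")
    parser.EntityDeclHandler = _forbid("entity declaration")
    parser.ExternalEntityRefHandler = _forbid("external entity reference")
    roots = []
    parser.StartElementHandler = lambda name, _attrs: roots.append(name)
    try:
        parser.Parse(raw, True)
    except expat.ExpatError as exc:
        raise UnsafeSvgError(f"malformed XML: {exc}") from exc
    if not roots or roots[0].split(":")[-1] != "svg":
        raise UnsafeSvgError("root element is not <svg>")
    return raw

def is_accepted(b64_svg: str) -> bool:
    try:
        check_b64_svg(b64_svg)
        return True
    except UnsafeSvgError:
        return False

# Constructed sample inputs (not taken from the PoC PDF).
BENIGN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="9" height="9"/></svg>'
DTD_SVG = (b'<!DOCTYPE svg [<!ENTITY e SYSTEM "file:///constructed/placeholder">]>'
           b'<svg xmlns="http://www.w3.org/2000/svg"><text>&e;</text></svg>')
BENIGN_B64 = base64.b64encode(BENIGN_SVG).decode()
DTD_B64 = base64.b64encode(DTD_SVG).decode()
```

Only the bytes returned by `check_b64_svg` should be passed on to the PDF generation step; a rejected input is best logged with the authenticated user, since the issue requires valid credentials.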

### Vendor Disclosure:

The vendor's disclosure for this vulnerability can be found [here](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42560).

### Requirements:

This vulnerability requires:

- Valid user credentials

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2021-42560/blob/main/Caldera%20-%20CVE-2021-42560.pdf).
File Snapshot

[4.0K] /data/pocs/c295f06f1b412757e0d89a14ec867e1fe6a5ab44
├── [267K] Caldera - CVE-2021-42560.pdf
└── [ 752] README.md

0 directories, 2 files