CVE-2019-14251 PoC — TEMENOS Channels 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-14251.yaml

Associated Vulnerability

Title:TEMENOS Channels 安全漏洞 (CVE-2019-14251)
Description:TEMENOS Channels R15.01版本中的T24存在安全漏洞。攻击者可借助‘downloadDocServer()’函数利用该漏洞遍历文件系统，访问被限制目录之外的文件或目录。

Description

T24 web server is vulnerable to unauthenticated local file inclusion that permits an attacker to exfiltrate data directly from server.

File Snapshot


 id: CVE-2019-14251

info:
  name: T24 Web Server - Local File Inclusion
  author: 0x_Akoko
  severit

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!