CVE-2021-21287 PoC — Minio MinIO 代码问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-21287.yaml

Associated Vulnerability

Title:Minio MinIO 代码问题漏洞 (CVE-2021-21287)
Description:Minio MinIO是美国MinIO（Minio）公司的一款开源的对象存储服务器。该产品支持构建用于机器学习、分析和应用程序数据工作负载的基础架构。 MinIO 存在代码问题漏洞，攻击者可利用该漏洞通过提供一个完全不同的URL或操纵URL的构建方式(路径遍历等)来修改对该功能的调用。

Description

MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forgery vulnerability.

File Snapshot


 id: CVE-2021-21287

info:
  name: MinIO Browser API - Server-Side Request Forgery
  author: pikpikcu

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!