Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-11409 PoC — Splunk 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2018/CVE-2018-11409.yaml
Associated Vulnerability
Title:Splunk 安全漏洞 (CVE-2018-11409)
Description:Splunk是美国Splunk公司的一套数据收集分析软件。该软件主要用于收集、索引和分析机器产生的数据,包括所有IT系统和基础结构(物理、虚拟和云)生成的数据。 Splunk 7.0.1及之前版本中存在安全漏洞。攻击者可通过将__raw/services/server/info/server-info?output_mode=json添加到查询中利用该漏洞泄露信息(如:许可证密钥)。
Description
Splunk through 7.0.1 is susceptible to information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.
File Snapshot

 id: CVE-2018-11409

info:
  name: Splunk <=7.0.1 - Information Disclosure
  author: harshbothra_
  s

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.