This repository holds the advisory, exploits and vulnerable software of the CVE-2020-15492# CVE-2020-15492
This vulnerablity was discovered and disclosed by me. This repository will hold the advisory, exploits and the setup executable of the vulnerable software for one to experiment with this vulnerability.
This repository is only for educational purposes.
# Links
- [Advisory SYSS-2020-028](https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-028.txt)
- [SySS Blog entry](https://www.syss.de/pentest-blog/2020/syss-2020-028-sicherheitsschwachstelle-in-inneo-startup-tools-2017-und-2018/)
- [Exploit on Exploit-DB](https://www.exploit-db.com/exploits/48693)
- [Vendor notice](https://www.inneo.de/files/content/Produktentwicklung/Tools-und-Erweiterungen/Startup-TOOLS/INNEO-SA-SUT-2020-01.pdf)
- [MITRE Entry](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15492)
- [NVD Entry](https://nvd.nist.gov/vuln/detail/CVE-2020-15492)
[4.0K] /data/pocs/c79d496d5660bf1b3f058254225f74ce7759785e
├── [4.0K] advisory
│ └── [5.8K] SYSS-2020-028.txt.asc
├── [4.0K] exploits
│ ├── [7.1M] syss-2020-028
│ ├── [6.1M] syss-2020-028.exe
│ ├── [8.2K] syss-2020-028.go
│ └── [4.8K] syss-2020-028.py
├── [ 875] README.md
└── [4.0K] software
├── [ 408] README.md
├── [ 50M] setup_data.tar.gz00
├── [ 50M] setup_data.tar.gz01
├── [ 50M] setup_data.tar.gz02
├── [ 50M] setup_data.tar.gz03
├── [ 50M] setup_data.tar.gz04
├── [ 50M] setup_data.tar.gz05
├── [ 50M] setup_data.tar.gz06
├── [ 18M] setup_data.tar.gz07
├── [ 50M] setup_software.tar.gz00
├── [ 50M] setup_software.tar.gz01
├── [ 50M] setup_software.tar.gz02
├── [ 50M] setup_software.tar.gz03
├── [ 50M] setup_software.tar.gz04
├── [ 50M] setup_software.tar.gz05
├── [ 50M] setup_software.tar.gz06
├── [ 39M] setup_software.tar.gz07
├── [ 103] setup_SUT2018-M040 Build 79_data.sha256sum
└── [ 107] setup_SUT2018-M040 Build 79_software.sha256sum
3 directories, 25 files