CVE-2017-5982 PoC — Kodi Chorus 路径遍历漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-5982.yaml

Associated Vulnerability

Title:Kodi Chorus 路径遍历漏洞 (CVE-2017-5982)
Description:Kodi是XBMC基金会开发的一款开源媒体播放器，它支持播放本地或网络存储设备中的大多数视频、音乐、播客及各种常见的数字媒体文件。Chorus是其中的一个用于控制与Kodi交互的Web界面。 Kodi 17.1版本的Chorus 2.4.2版本中存在目录遍历漏洞。远程攻击者可利用该漏洞读取任意文件。

Description

Kodi 17.1 is vulnerable to local file inclusion vulnerabilities because of insufficient validation of user input.

File Snapshot


 id: CVE-2017-5982

info:
  name: Kodi 17.1 - Local File Inclusion
  author: 0x_Akoko
  severity: hig

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!