CVE-2020-11652 PoC — SaltStack Salt 路径遍历漏洞

Source

Associated Vulnerability

Description

This is a fix POC CVE-2020-11651 & CVE-2020-11651

Readme

# CVE-2020-11652-CVE-2020-11652-POC
This is a fix POC CVE-2020-11651 & CVE-2020-11651

Original version: https://github.com/Al1ex/CVE-2020-11652

Error Fixed: `TransportWarning: Unclosed transport! <salt.transport.zeromq.RequestClient object at 0x7f2105513690>`

`pip3 install salt`

RCE

`python3 CVE-2020-11652.py --master <target ip> --port <target port> --exec-choose master --exec-cmd 'whoami'`

File Snapshot

 [4.0K]  /data/pocs/e4a88c6608e19d0425f6f9f66a28d1929ab7dd7d
├── [6.9K]  CVE-2020-11652-fix.py
└── [ 403]  README.md

0 directories, 2 files

Remarks