CVE-2021-26814 PoC — Wazuh 路径遍历漏洞

Source

https://github.com/paolorabbito/Internet-Security-Project---CVE-2021-26814

Associated Vulnerability

Title:Wazuh 路径遍历漏洞 (CVE-2021-26814)
Description:Wazuh是（Wazuh）开源的一个应用软件。用于收集，汇总，索引和分析安全数据，帮助组织检测入侵，威胁和行为异常。 Wazuh API 4.0.0 到 4.0.3版本存在路径遍历漏洞，该漏洞允许经过身份验证的用户通过管理器文件URI执行任意代码，并具有管理权限。

Readme

# Internet-Security-Project---CVE-2021-26814

Internet Security project, for my exam at University of Catania, in wich you can learn how to exploit one vulnerability of Wazuh v4.0.3 and how this vulnerability can be fixed.

Link to script original repo:
https://github.com/WickdDavid/CVE-2021-26814

File Snapshot


 [4.0K]  /data/pocs/e4e55838a692a18221bea02f72e76d22857297f0
├── [ 299]  README.md
├── [118K]  Relazione Internet Security.pdf
└── [4.0K]  Script
    ├── [1.0K]  LICENSE.md
    └── [3.8K]  PoC.py

1 directory, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!