Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-24715 PoC — Icinga Web 2 路径遍历漏洞

Source
https://github.com/d4rkb0n3/CVE-2022-24715-go
Associated Vulnerability
Title:Icinga Web 2 路径遍历漏洞 (CVE-2022-24715)
Description:Icinga Web 2是一个应用软件。Icinga Web 2是Icinga Project开发的下一代开源监控 Web 界面、框架和命令行界面,支持 Icinga 2、Icinga Core 和任何其他兼容 IDO 数据库的监控后端。 Icinga Web 2 存在路径遍历漏洞,该漏洞源于经过身份验证的Icinga Web 2用户可以访问配置,可以在非预期目录中创建 SSH 资源文件,从而导致执行任意代码。
Readme
# CVE-2022-24715
The Icinga Web 2 exploit written in go. The original python code can be found in: https://packetstormsecurity.com/files/173516/Icinga-Web-2.10-Remote-Code-Execution.html
File Snapshot

 [4.0K]  /data/pocs/f32e725fcac1a8a2d7da1e9737d237803a391d7a
├── [ 198]  go.mod
├── [5.2K]  go.sum
├── [5.6K]  icw2Exploit.go
└── [ 187]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.