Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-30461 PoC — VoIPmonitor 代码注入漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/VoIPmonitor%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2021-30461.md
Associated Vulnerability
Title:VoIPmonitor 代码注入漏洞 (CVE-2021-30461)
Description:VoIPmonitor是VoIPmonitor团队的一个开源网络数据包嗅探器。具有用于在 Linux 上运行的 SIP RTP RTCP SKINNY(SCCP) MGCP WebRTC VoIP 协议的商业前端。 VoIPmonitor web UI 24.61版本之前存在安全漏洞,该漏洞源于当使用recheck选项时,用户提供的SPOOLDIR值(可能包含PHP代码)会被注入到config configuration.php中。
File Snapshot

 # VoIPmonitor 远程命令执行漏洞 CVE-2021-30461

## 漏洞描述

VoIPmonitor是“具有在Linux上运行的SIP RTP和RTCP VoIP协议的具有商业前端的

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.