
MucahitSaratar/endian_firewall_authenticated_rce

endian_firewall_authenticated_rce CVE-2021-27201

Endian Firewall Community version 3.3.2: authenticated remote code execution as nobody.

When I started creating a backup, the output of the ps command was interesting.

[Image: the point that stands out]

And checking: is the input validated?

[Image: create-file]

No. We can run commands. Check the permission.

[Image: permission]

We can run commands as nobody.

1-) Log in to the web application.

2-) Create a backup, select any options, and write the payload in the comment field, e.g. aaaa$(id)bbbb

3-) Start the backup.

Proof Of Concept

[Image: endian_poc]

POC VIDEO

proof of concept as video: watch
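
The root cause and its fix, as an added example (not code from this repository or from Endian Firewall): the backup comment has to reach the backup process as one literal argument and never as part of a shell command line. Here `echo` is a stand-in for the real backup command, and the allow-list pattern and all function names are assumptions.

```python
import re
import shlex
import subprocess

# Assumed allow-list for the comment field: letters, digits, space and . _ -
COMMENT_RE = re.compile(r"[A-Za-z0-9 ._-]{0,64}")


def validate_comment(comment: str) -> str:
    """Reject anything outside the allow-list before it gets near a process."""
    if not COMMENT_RE.fullmatch(comment):
        raise ValueError("comment contains characters outside the allow-list")
    return comment


def run_interpolated(comment: str) -> str:
    """Vulnerable 'before' pattern: the comment is pasted into a shell string,
    so the shell expands $(...) before the command ever runs."""
    cmd = f"echo backup-comment={comment}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout.strip()


def run_argv(comment: str) -> str:
    """Hardened form: argv list, no shell. The comment is a single literal argument."""
    argv = ["echo", f"backup-comment={comment}"]
    return subprocess.run(argv, capture_output=True, text=True).stdout.strip()


def run_quoted(comment: str) -> str:
    """Fallback when a shell cannot be avoided: quote the value with shlex.quote."""
    cmd = f"echo backup-comment={shlex.quote(comment)}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout.strip()


if __name__ == "__main__":
    marker = "aaaa$(id)bbbb"  # the marker string from step 2 above
    print("interpolated:", run_interpolated(marker))  # substitution is expanded
    print("argv list   :", run_argv(marker))          # printed literally
    print("shlex.quote :", run_quoted(marker))        # printed literally
    try:
        validate_comment(marker)
    except ValueError as exc:
        print("validator   :", exc)
```
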
