Skip to content
splunk enterprise information disclosure
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Exploit Title: [information disclosure]

Google Dork: [n/r]

Date: [23/05/2018]

Exploit Author: [KoF2002]

Vendor Homepage: []

Software Link: []

Version: [6.2.3 - 7.01 MAYBE ALL VERSION AFFECTED]

Tested on: [linux os]

CVE : [CVE-2018-11409]

[Attack Type] [Remote]

Splunk through 6.2.3 7.0.1 allows information disclosure by appending

/__raw/services/server/info/server-info?output_mode=json to a query,

as demonstrated by discovering a license key and other information.

PoC :

Greats TO : Cold z3ro , ihab pal and all HTLovers "We Are Back"

You can’t perform that action at this time.