Skip to content
/ CVE-2024-31848-PoC Public

PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal

14 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Stuub/CVE-2024-31848-PoC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
CVE-2024-31848.py
CVE-2024-31848.py
 
 
README.md
README.md
 
 

Repository files navigation

Exploiting CData within Jetty servers - CVE-2024-31848/49/50/51 - File Path Traversal & File Read

What it is

A prototype PoC for the automation of vulnerability analysis on targets running CData applications on an embedded Jetty server.

Usage

Just use -u or --url to specify your target, the script will attempt to retrieve the getSettings.rsb? file, present within all CData instances.

Example

image

Notes

More error handling to be added in future

Disclaimer

Please use responsibly, exploitability is extremely high with this vulnerability. Only test within your own authorised limitations.

About

PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal

Topics

cdata threat jetty poc threat-intel cve-2024-31848 cve-2024-31849 cve-2024-31850 cve-2024-31851

Resources

Readme
Activity

Stars

14 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages