8 matches found
GrandNode 4.40 - Local File Inclusion
GrandNode 4.40 is susceptible to local file inclusion in Controllers/LetsEncryptController.cs, which allows remote unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. id: CVE-2019-12276 info: name: GrandNode 4.40...
CVE-2019-12276
creationtimestamp| type| source ---|---|--- 2024-11-08 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-11-08 2024-12-23 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-23 2024-12-24 00:00:00+00:00| seen| The Shadowserver...
GrandNode LetsEncryptController Directory Traversal (CVE-2019-12276)
A directory traversal vulnerability exists in GrandNode. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
GrandNode 4.40 - Path Traversal / Arbitrary File Download Vulnerabilities
Exploit for multiple platform in category web applications Exploit Title: GrandNode Path Traversal & Arbitrary File Download Unauthenticated Exploit Author: Corey Robinson https://twitter.com/CRobSec Vendor Homepage: https://grandnode.com/ Software Link:...
GrandNode 4.40 - Path Traversal Arbitrary File Download
GrandNode 4.40 - Path Traversal Arbitrary File Download Exploit Title: GrandNode Path Traversal & Arbitrary File Download Unauthenticated Date: 06/23/3019 Exploit Author: Corey Robinson https://twitter.com/CRobSec Vendor Homepage: https://grandnode.com/ Software Link:...
GrandNode 4.40 Path Traversal / File Download
Exploit Title: GrandNode Path Traversal & Arbitrary File Download Unauthenticated Date: 06/23/3019 Exploit Author: Corey Robinson https://twitter.com/CRobSec Vendor Homepage: https://grandnode.com/ Software Link:...
GrandNode 4.40 - Path Traversal / Arbitrary File Download
Exploit Title: GrandNode Path Traversal & Arbitrary File Download Unauthenticated Date: 06/23/3019 Exploit Author: Corey Robinson https://twitter.com/CRobSec Vendor Homepage: https://grandnode.com/ Software Link:...
CVE-2019-12276
GrandNode 4.40 is affected by a Local File Inclusion (path traversal) in Controllers/LetsEncryptController.cs. Remote, unauthenticated attackers could retrieve arbitrary files on the web server via letsEncrypt/Index?fileName= requests. The issue is mitigated by a patch released on 2019-05-30 in G...