Symlink Attack

github.com/beego/beego is vulnerable to symlink attack. Lack of sufficient check for the existence of files created allows an attacker to use MemProf and GetCPUProfile commands to trigger the symbolic link attack locally...

Improper Link Resolution Before File Access ('Link Following')

An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally...

CVE-2021-27117

An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally...

Design/Logic Flaw

An issue was discovered in file profile.go in function GetCPUProfile in beego through 2.0.2, allows attackers to launch symlink attacks locally...

Beego 后置链接漏洞

Beego is an open source web framework based on the Go language. A backward linking vulnerability in the file profile.go in the function GetCPUProfile in Beego 2.0.2 and earlier versions allows attackers to locally launch a symbolic link attack...