mirror of
https://github.com/0xMarcio/cve.git
synced 2026-04-21 09:56:14 +02:00
0xMarcio
1.3 KiB
1.3 KiB
CVE-2017-12637
Description
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.
POC
Reference
No PoCs from references.
Github
- https://github.com/20142995/nuclei-templates
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/Ostorlab/KEV
- https://github.com/abrewer251/CVE-2017-12637_SAP-NetWeaver-URL-Traversal
- https://github.com/gnarkill78/CSA_S2_2024
- https://github.com/merlinepedra/nuclei-templates
- https://github.com/merlinepedra25/nuclei-templates
- https://github.com/packetinside/CISA_BOT
- https://github.com/sobinge/nuclei-templates
- https://github.com/ums91/CISA_BOT