CVEs-PoC/2020/CVE-2020-13452.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 15:15:46 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

735 B

Raw Blame History

CVE-2020-13452

Description

In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg) potentially allow an attacker to overwrite the file, which can lead to denial of service or code execution.

POC

Reference

http://packetstormsecurity.com/files/160744/Gotenberg-6.2.0-Traversal-Code-Execution-Insecure-Permissions.html

Github

https://github.com/br0xpl/gotenberg_hack

735 B Raw Blame History

CVE-2020-13452

Description

POC

Reference

Github

735 B

Raw Blame History