mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 18:42:46 +00:00
883 B
883 B
CVE-2021-36711
Description
WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.
POC
Reference
- http://packetstormsecurity.com/files/167780/OctoBot-WebInterface-0.4.3-Remote-Code-Execution.html
- https://github.com/Drakkar-Software/OctoBot/issues/1966
- https://github.com/Nwqda/Sashimi-Evil-OctoBot-Tentacle
- https://packetstormsecurity.com/files/167721/Sashimi-Evil-OctoBot-Tentacle.html