what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from 0rich1

Apache Flink JobManager Traversal

Posted Sep 1, 2024

Authored by Brendan Coles, Hoa Nguyen, 0rich1 | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability in Apache Flink versions 1.11.0 less than or equal to 1.11.2. The JobManager REST API fails to validate user-supplied log file paths, allowing retrieval of arbitrary files with the privileges of the web server user. This Metasploit module has been tested successfully on Apache Flink version 1.11.2 on Ubuntu 18.04.4.

tags | exploit, web, arbitrary

systems | linux, ubuntu

advisories | CVE-2020-17519

SHA-256 | 776647522193812481f55a112c7a98a591a11cb7829c40e7841d4b5813acf9fa

Download | Favorite | View

Apache Flink 1.11.0 Arbitrary File Read / Directory Traversal

Posted Jan 8, 2021

Authored by SunCSR, Hoa Nguyen, 0rich1 | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability in Apache Flink version 1.11.0.

tags | exploit

advisories | CVE-2020-17519

SHA-256 | 79df4302ec4ea436f7e67026dddc838b8aa4610460bb6f8baa402ecd0a91ba4d

Download | Favorite | View