漏洞描述
在2019.2.4之前的SaltSalt Salt和3000.2之前的3000中发现了一个问题。
SaltStack Salt Master 认证绕过致远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2024-24882: Masteriyo LMS <= 1.7.2 - Unauthenticated Privilege Escalation
- POC CVE-2024-33939: Masteriyo LMS <= 1.7.3 - Insecure Direct Object Reference
- POC sharepoint-masterpage-disclosure: Microsoft SharePoint - Master Page Disclosure
- POC CVE-2020-15568: TerraMaster TOS <.1.29 - Remote Code Execution
- POC CVE-2020-16846: SaltStack <=3002 - Shell Injection
- POC CVE-2020-28185: TerraMaster TOS < 4.2.06 - User Enumeration
- POC CVE-2020-28188: TerraMaster TOS - Unauthenticated Remote Command Execution
- POC CVE-2020-35951: Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion
- POC CVE-2021-20792: WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting
- POC CVE-2021-25281: SaltStack Salt <3002.5 - Auth Bypass
- POC CVE-2022-0441: MasterStudy LMS <2.7.6 - Improper Access Control
- POC CVE-2022-0693: WordPress Master Elements <=8.0 - SQL Injection
- POC CVE-2022-24990: TerraMaster TOS < 4.2.30 Server Information Disclosure