.. / CVE-2015-5531

Exploit for ElasticSearch <1.6.1 - Local File Inclusion (CVE-2015-5531)

Description:

ElasticSearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.

Nuclei Template

View the template here CVE-2015-5531.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2015/CVE-2015-5531.yaml

References:

https://github.com/vulhub/vulhub/tree/master/elasticsearch/CVE-2015-5531
http://packetstormsecurity.com/files/132721/Elasticsearch-Directory-Traversal.html
https://nvd.nist.gov/vuln/detail/CVE-2015-5531
http://packetstormsecurity.com/files/133797/ElasticSearch-Path-Traversal-Arbitrary-File-Download.html
https://www.elastic.co/community/security/