.. / CVE-2020-35736

Exploit for GateOne 1.1 - Local File Inclusion (CVE-2020-35736)

Description:

GateOne 1.1 allows arbitrary file retrieval without authentication via /downloads/.. local file inclusion because os.path.join is incorrectly used.

Nuclei Template

View the template here CVE-2020-35736.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-35736.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2020-35736
https://rmb122.com/2019/08/28/Ogeek-Easy-Realworld-Challenge-1-2-Writeup/
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/20142995/Goby
https://github.com/liftoff/GateOne/issues/747