.. / CVE-2021-32305

Exploit for Websvn <2.6.1 - Remote Code Execution (CVE-2021-32305)

Description:

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.

Nuclei Template

View the template here CVE-2021-32305.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-32305.yaml
Copy

References:

http://packetstormsecurity.com/files/163225/Websvn-2.6.0-Remote-Code-Execution.html
https://nvd.nist.gov/vuln/detail/CVE-2021-32305
https://packetstormsecurity.com/files/163225/Websvn-2.6.0-Remote-Code-Execution.html
https://github.com/HimmelAward/Goby_POC
https://github.com/websvnphp/websvn/pull/142