Exploit for Repetier Server - Directory Traversal (CVE-2023-31059)

Description:

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.

Nuclei Template

View the template here: CVE-2023-31059.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-31059.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-31059
https://cybir.com/2023/cve/poc-repetier-server-140/
https://www.repetier-server.com/download-repetier-server/