CVE-2021-30357
MEDIUMSSL Network Extender Client <build 800008302 - Info Disclosure
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-30357. PoCs published by joaovarelas.
AI-analyzed exploit summary The repository provides a detailed technical analysis of CVE-2021-30357, a privileged file read vulnerability in CheckPoint SNX VPN Linux Client. It explains the root cause (SETUID bit on the SNX binary) and demonstrates how arbitrary file contents can be leaked via error messages.
Description
SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the configuration file supplied, which allows partially disclosing files to which the user did not have access.
Exploits (1)
The repository provides a detailed technical analysis of CVE-2021-30357, a privileged file read vulnerability in CheckPoint SNX VPN Linux Client. It explains the root cause (SETUID bit on the SNX binary) and demonstrates how arbitrary file contents can be leaked via error messages.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N