CVE-2021-4463

HIGH · NUCLEI

Longjing Technology BEMS API <=1.21 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-4463. PoCs published by LiquidWorm. A Nuclei detection template is also available.

AI-analyzed exploit summary: This exploit demonstrates an unauthenticated arbitrary file download vulnerability in Longjing Technology BEMS API 1.21 via directory traversal attacks. The PoC uses curl commands to retrieve sensitive files like /etc/passwd and /etc/shadow.

Description

Longjing Technology BEMS API versions up to and including 1.21 contain an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. The 'fileName' parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the intended directory.

Exploits (1)

exploitdb · WORKING POC
by LiquidWorm · text · webapps · hardware
https://www.exploit-db.com/exploits/50163


Classification
Working PoC (100%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Longjing Technology BEMS API 1.21
Authentication: No auth needed
Prerequisites: Network access to the vulnerable API endpoint
Analyzed by devstral-2 on Feb 16, 2026

Nuclei Templates (1)

Longjing Technology BEMS API 1.21 - Unauthenticated Arbitrary File Download
HIGH · by gy741

References (7)

Core References
Third Party Advisory (technical-description, exploit): https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php
Exploit, Third Party Advisory (exploit): https://www.exploit-db.com/exploits/50163
Exploit, Third Party Advisory (exploit): https://packetstormsecurity.com/files/163702
Third Party Advisory, VDB Entry (vdb-entry): https://exchange.xforce.ibmcloud.com/vulnerabilities/206477

Scores

CVSS v4: 8.7
EPSS: 0.0114
EPSS Percentile: 62.3%
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial

Details

CWE: CWE-22, CWE-552
Status: published
Products (1): Shenzhen Longjing Technology Co. Ltd./BEMS API < 1.21
Published: Nov 12, 2025
Tracked Since: Feb 18, 2026