Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-34834. PoCs published by Victor A. Morales.
AI-analyzed exploit summary This exploit describes a directory browsing vulnerability in MCL-Net 4.3.5.8788, allowing attackers to access sensitive database configuration files via the '/file' endpoint. The PoC outlines steps to retrieve plaintext database connection strings from 'AdoInfo.txt'.
Description
A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default port 5080, allows attackers to gain sensitive information about the configured databases via the "/file" endpoint.
Exploits (1)
This exploit describes a directory browsing vulnerability in MCL-Net 4.3.5.8788, allowing attackers to access sensitive database configuration files via the '/file' endpoint. The PoC outlines steps to retrieve plaintext database connection strings from 'AdoInfo.txt'.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N