This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Odoo 12.0, allowing an attacker to read arbitrary files from the server via crafted HTTP requests to specific static file endpoints.
Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:Odoo 12.0
No auth needed
Prerequisites:Network access to the Odoo instance · Odoo 12.0 running on the target