Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-46703 PoC — Antaris RazorEngine 安全漏洞

Source
https://github.com/BenEdridge/CVE-2021-46703
Associated Vulnerability
Title:Antaris RazorEngine 安全漏洞 (CVE-2021-46703)
Description:In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment (if users can externally control template contents). NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Description
Simple payload builder
Readme
# CVE-2021-46703
Simple payload builder based on POC in: https://github.com/Antaris/RazorEngine/issues/585

## Usage

### C#
```bash
dotnet build --configuration Release
.\bin\Release\net4.8\Poc.exe "System.IO.File.WriteAllText(\"rce.txt\", \"Hello World\");"
```
### Python
```bash
./poc.py "System.IO.File.WriteAllText(\"rce.txt\", \"Hello World\");"
```

## Acknowledgements
- https://www.yielddd.com/about-us/discovery-of-a-critical-open-source-vulnerability-cve-2021-46703
File Snapshot

 [4.0K]  /data/pocs/0ba4d7fca1c84d572428b835c670118d484150ef
├── [1.0K]  LICENSE
├── [ 331]  Poc.csproj
├── [1.3K]  poc.py
├── [1.2K]  Poc.sln
├── [4.3K]  Program.cs
└── [ 478]  README.md

0 directories, 6 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →