Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-36991 PoC — Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows

Source
https://github.com/0xFZin/CVE-2024-36991
Associated Vulnerability
Title:Path Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows (CVE-2024-36991)
Description:In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows.
Description
Exploit for CVE-2024-36991 , written by me, enumerates a handfull of things, not all, cause not needed.
Readme
# CVE 2024-36991
- A path-traversal vulnerability that allows an attacker to read files  from the system.

## Technical Summary
- **CVE**: 2024-36991 (Path Traversal)
- **Affected Systems**: Splunk Enterprise 9.2.1 , 9.1.4 , 9.0.9


## Legal Disclaimer
This tool is provided for authorized security assessments only. Unauthorized use violates:
- Computer Fraud and Abuse Act (US)
- Computer Misuse Act (UK/EU)

Usage implies acceptance of responsibility for proper authorization. All testing requires written consent from system owners.

### USAGE:
```bash
python3 exploit.py <URL:PORT>
```
File Snapshot

 [4.0K]  /data/pocs/17003586a59fe5b6a3fc61d047c13b96d0c22e5f
├── [6.2K]  exploit.py
├── [ 34K]  LICENSE
├── [ 590]  README.md
└── [ 346]  requirements.txt

1 directory, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →