Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-6738 PoC — WisdomGarden Tronclass - Broken Access Control

Source
https://github.com/XD3an/CVE-2024-6738
Associated Vulnerability
Title:WisdomGarden Tronclass - Broken Access Control (CVE-2024-6738)
Description:The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL.
Description
CVE-2024-6738...
Readme
# CVE-2024-6738

- PoC/poc.py: PoC for CVE-2024-6738
```
Usage: python PoC/poc.py -u [URL] -f [file_number] -o [output_file]
```
- nuclei-templates/CVE-2024-6738.yaml: Nuclei template for CVE-2024-6738
```
Usage: nuclei -l urls.txt -t /path/to/CVE-2024-6738.yaml
```

## References

- [https://www.twcert.org.tw/tw/cp-132-7925-97e1c-1.html](https://www.twcert.org.tw/tw/cp-132-7925-97e1c-1.html)
- [https://nvd.nist.gov/vuln/detail/CVE-2024-6738](https://nvd.nist.gov/vuln/detail/CVE-2024-6738)
File Snapshot

 [4.0K]  /data/pocs/1c0a795c70fd13d0a4abc83a531e2709240d68cb
├── [4.0K]  nuclei-template
│   └── [ 921]  CVE-2024-6738.yaml
├── [4.0K]  PoC
│   └── [5.1K]  poc.py
└── [ 508]  README.md

2 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →