Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-16097 PoC — Harbor 权限许可和访问控制问题漏洞

Source
https://github.com/luckybool1020/CVE-2019-16097
Associated Vulnerability
Title:Harbor 权限许可和访问控制问题漏洞 (CVE-2019-16097)
Description:core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. Fixed version: v1.7.6 v1.8.3. v.1.9.0. Workaround without applying the fix: configure Harbor to use non-DB authentication backend such as LDAP.
Description
Harbor 未授权创建管理员漏洞原理 docker及poc[基于pocsuite框架]
Readme
# CVE-2019-16097
Harbor 未授权创建管理员漏洞原理 docker及poc[基于pocsuite框架]
File Snapshot

 [4.0K]  /data/pocs/594e43ba1ecdb7bbd7d386678da0e347cd0d4462
├── [2.4K]  harbor_privilege_escalation.py
└── [  96]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →