Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2021-26814 PoC — Wazuh 路径遍历漏洞

Source
https://github.com/CYS4srl/CVE-2021-26814
Associated Vulnerability
Title:Wazuh 路径遍历漏洞 (CVE-2021-26814)
Description:Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service script.
Description
PoC of CVE-2021-26814
Readme
# CVE-2021-26814

A simple python PoC to exploit **CVE-2021-26814** and gain RCE on **Wazuh Manager** (v.4.0.0-4.0.3) through the API service.

To run it, simply make the .py script executable and launch it with the required parameters.

```
PoC.py [-h] -user USERNAME -pwd PASSWORD -lip SRCIP -lport SRCPORT -tip
              DESTIP -tport DESTPORT
```

**WARNING**: the `wazuh-apid.py` file on the manager **WILL BE CHANGED!** In order to restore the original version after the exploit is completed, a local file called `backup.py` is created.

## Authors

**Davide Meacci** - [Twitter](https://twitter.com/WickdDavid)

## License

This project is licensed under the MIT License - see the [LICENSE.md](LICENSE.md) file for details
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →