Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-35488 PoC — Nxlog 代码问题漏洞

Source
https://github.com/githubfoam/nxlog-ubuntu-githubactions
Associated Vulnerability
Title:Nxlog 代码问题漏洞 (CVE-2020-35488)
Description:The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers to cause a denial of service (daemon crash) via a crafted Syslog payload to the Syslog service. This attack requires a specific configuration. Also, the name of the directory created must use a Syslog field. (For example, on Linux it is not possible to create a .. directory. On Windows, it is not possible to create a CON directory.)
Description
nxlog ubuntu CVE-2020-35488
Readme
# nxlog-ubuntu-githubactions
nxlog ubuntu
File Snapshot

 [4.0K]  /data/pocs/cec85d55c49a9f55e0efe661c9bf4f116e23aac8
├── [ 34K]  LICENSE
├── [ 308]  Makefile
├── [  42]  README.md
└── [4.0K]  scripts
    ├── [ 893]  deploy-nxlog-1804-cve.sh
    ├── [1.9K]  deploy-nxlog-1804.sh
    └── [1.7K]  deploy-nxlog-2004.sh

1 directory, 6 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →