CVE-2022-24716

Published: 08/03/2022 Updated: 10/04/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 447
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.

Vulnerable Product

icinga icinga web 2

Vendor Advisories

Check Point Reference: CPAI-2022-1423 | Date Published: 2 Apr 2023 | Severity: High ...

Exploits

Icinga Web version 2.10 suffers from an arbitrary file disclosure vulnerability ...

Github Repositories

Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10

CVE-2022-24716 Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10. Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database credenti

CVE-2022-24716 Icinga Web 2 is a software application that monitors computer systems and networks. It has a web interface that allows users to view and manage system resources. However, there is a vulnerability in Icinga Web 2 that allows unauthenticated users to access files on the system that are accessible to the web server user. This includes configuration files for Icinga

CVE-2022-24716 (Arbitrary File Disclosure Icingaweb2)

CVE-2022-24716 Icinga Web 2 is an open source monitoring web interface, framework and command line interface. Unauthenticated users can leak the contents of user-accessible local system files from the web server, including icingaweb2 configuration files with database credentials. Installation Usage Running CVE-2022-24716 Installation CVE-2022-24716 requires golang and t

CVE-2022-24716 Exploit for the vulnerability: Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10 www.sonarsource.com/blog/path-traversal-vulnerabilities-in-icinga-web/ Help: python3 exploit.py -h Usage example: python3 -u 127.0.0.1:8080 -f /etc/passwd DISCLAIMER: This script is made to audit the security of systems

Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10

CVE-2022-24716 Exploit for the vulnerability: Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10 DISCLAIMER: This script is made to audit the security of systems. Only use this script on your own systems or on systems you have written permission to exploit