An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal.
This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.
How to Use
Minimum Requirements
- Python 3.6 or higher
Single Target:
python CVE-2024-40348.py -u http://target:7809 -p /etc/passwd
Bulk Sscan:
python CVE-2024-40348 -f file.txt -p /etc/passwd
Contact
For any suggestions or thoughts, please get in touch with me.
Disclaimer
I like to create my own tools for fun, work and educational purposes only. I do not support or encourage hacking or unauthorized access to any system or network. Please use my tools responsibly and only on systems where you have clear permission to test.
What do you think?
It is nice to know your opinion. Leave a comment.