CVE-2024-36991
Severity: HIGH
CVSS: 7.5
In Splunk Enterprise on Windows below 9.2.2, 9.1.5 and 9.0.10, an unauthenticated attacker can perform a path traversal on the /modules/messaging/ endpoint to read arbitrary files.
Published: 7/1/2024
Affected: Splunk Enterprise (Windows) < 9.0.10 / < 9.1.5 / < 9.2.2
AVAILABLE_EXPLOITS(1)
CVE-2024-36991 - Interactive Python Exploit
@iamwin
7/1/2024
Interactive Python PoC with auto-detection of traversal depth and a picker to harvest credentials, configs, logs and system files from Splunk Enterprise on Windows.
#Path Traversal #Web #High
VERIFIED