Home

Awesome

CVE-2021-41277

Metabase任意文件读取漏洞批量扫描工具

影响版本:

metabase version < 0.40.5
metabase version >= 1.0.0, < 1.40.5

修复版本:

metabase version >= 0.40.5
metabase version >= 1.40.5

使用说明

usage: CVE-2021-41277.py [-h] [-u URL] [-f FILE]

CVE-2021-41277

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     url like http://127.0.0.1:8080
  -f FILE, --file FILE  url file path

单个url扫描

python3 CVE-2021-41277.py -u http://172.16.0.1:8080

批量扫描

python3 CVE-2021-41277.py -f ./scan.txt