Skip to content

Instantly share code, notes, and snippets.

@shiham101

shiham101/gist:8763642e768582e0182f92cd41c482ec Secret

Last active January 31, 2019 07:59
Show Gist options
  • Save shiham101/8763642e768582e0182f92cd41c482ec to your computer and use it in GitHub Desktop.
Save shiham101/8763642e768582e0182f92cd41c482ec to your computer and use it in GitHub Desktop.
Download ZIP
CVE-2018-16386
Raw
gistfile1.txt
> An issue was discovered in SWIFT Alliance Web Platform 7.1.23. A log injection (and an arbitrary log filename) can be achieved via the PATH_INFO to swp/login/EJBRemoteService/, related to com.swift.ejbgwt.j2ee.client.EjBlnvocationException error log > information containing null@java:comp/env/ error messages.
> ------------------------------------------
>
> [Additional Information]
> Attacker could use url path(
> https://target/swp/login/EJBRemoteService/@Injection_Here) tampering
> log File Name (@Injection_Here) and error log informations (
> com.swift.ejbgwt.j2ee.client.EjBlnvocationException , Failed to execute
> null@java:comp/env/@Injection_Here )
>
> ------------------------------------------
>
> [VulnerabilityType Other]
> Log injection and Arbitrary log filename
>
> ------------------------------------------
>
> [Vendor of Product]
> SWIFT
>
> ------------------------------------------
>
> [Affected Product Code Base]
> Alliance Web Platform - 7.1.23
>
> ------------------------------------------
>
> [Affected Component]
> /swp/login/EJBRemoteService/@Injection_Here
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Attack Vectors]
> URL
>
> ------------------------------------------
>
> [Reference]
> https://www.swift.com/
>
> ------------------------------------------
>
> [Discoverer]
> CHT Security-hans
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment