Wavemaker Studio 6.6 LFI/SSRF Vulnerabilities CVE-2019-8982 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

Wavemaker Studio 6.6 LFI/SSRF Vulnerabilities CVE-2019-8982 Scanner Detail

In Wavemaker Studio 6.6, there are Local File Inclusion and Server Side Request Forgery vulnerabilities.

com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF.

Some Advice for Common Problems

You need to update to latest version.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service