Exploit for Path Traversal in Splunk CVE-2024-36991

Name: Exploit for Path Traversal in Splunk CVE-2024-36991
Rating: 5 (85 reviews)

2025-03-31 | CVSS 7.5

## https://sploitus.com/exploit?id=046C718E-BD66-51BD-BCCD-2A5AF7B1C828
# CVE-2024-36991 - Splunk Path Traversal

Proof of Concept for [CVE-2024-36991](https://nvd.nist.gov/vuln/detail/cve-2024-36991) which allows an attacker to read arbitrary files in `Splunk` for versions below to `9.2.2`, `9.1.5`, and `9.0.10` for `Windows`.

## Usage

### Read Splunk configuration files

To read `Splunk` files just run the script passing the target URL running `Splunk` and the configuration file you want to read. For example:
```shell-session
python3 CVE-2024-36991.py -u 'https://example.com:8000' -f '/etc/auth/splunk.secret'
```

### Read Windows system files

To read `Windows` system files just add the flag `--system-files`. For example:
```shell-session
python3 CVE-2024-36991.py -u http://haze.htb:8000 -f '/Windows/System32/drivers/etc/hosts' --system-files
```

---

Always use this tool for good purposes. Be ethical (: