Share
## https://sploitus.com/exploit?id=6EDC0A5A-48CE-572A-8456-13109C918F57
#Lanproxy Directory Traversal Vulnerability CVE-2021-3019

## Vulnerability Description

Lanproxy is a private network penetration tool that proxies local area network computers and servers to the public network. It supports TCP traffic forwarding and can handle any TCP upper-layer protocol (such as accessing internal websites, debugging local payment interfaces, SSH access, remote desktops, etc.). This vulnerability in Lanproxy’s path traversal mechanism (CVE-2021-3019) allows for the reading of arbitrary files by bypassing the file system. This vulnerability enables directory traversal to obtain credentials for internal network connections.

## Affected Versions

Lanproxy 0.1

## Network Visualization

header="Server: LPS-0.1"

## Example of Vulnerability Exploitation

![}TJXP1GP@NI2TWQ21HC`7N6](https://github.com/a1665454764/CVE-2021-3019/assets/143511005/1804d8e9-5a17-4de0-90ae-7a7acf1e8364)
![5E45A5 FUD~7PK9ASU_80HV](https://github.com/a1665454764/CVE-2021-3019/assets/143511005/98b80153-c27b-4777-b558-dc861c34efbd)