Longjing Technology BEMS API 1.21 Remote Arbitrary File Download

High
Advisory ID: ZSL-2021-5657
Release Date: 28 July 2021
Vendor: Longjing Technology - http://www.ljkj2012.com
Affected Version: 1.21
Tested On: nginx/1.19.1
Summary

Battery Energy Management System.

Description

The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed via the fileName parameter to the downloads endpoint is not properly validated before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
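
The unchecked path join the advisory describes, shown beside a hardened resolver for the same kind of download endpoint, as an added example that is not the vendor's code; the download root, the function names and the sample file names are assumptions.

```python
"""Added example (not from the advisory): unchecked vs. hardened resolution
of a user-supplied fileName for a file download endpoint."""
import os
from urllib.parse import unquote

# Hypothetical directory the downloads endpoint is meant to serve from.
DOWNLOAD_ROOT = "/srv/bems/downloads"


def vulnerable_resolve(file_name: str, root: str = DOWNLOAD_ROOT) -> str:
    # The pattern behind the advisory: the parameter is joined to the root
    # with no validation, so "../" components walk out of the directory.
    return os.path.normpath(os.path.join(root, file_name))


def safe_resolve(file_name: str, root: str = DOWNLOAD_ROOT):
    """Return an absolute path inside root, or None if the name is rejected."""
    # Decode repeatedly so %2e%2e%2f and double-encoded forms are checked in
    # the shape they take after the framework has decoded them.
    decoded = file_name
    for _ in range(3):
        new = unquote(decoded)
        if new == decoded:
            break
        decoded = new
    if not decoded:
        return None
    # Reject control characters (NUL truncation tricks) and backslashes.
    if any(ord(c) < 0x20 for c in decoded) or "\\" in decoded:
        return None
    # Reject absolute paths and any explicit ".." path component.
    if decoded.startswith("/") or ".." in decoded.split("/"):
        return None
    root_abs = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_abs, decoded))
    # Containment check via commonpath, so "/srv/bems/downloads2" is not
    # mistaken for a child of "/srv/bems/downloads" by a plain prefix test.
    if os.path.commonpath([root_abs, candidate]) != root_abs:
        return None
    return candidate
```

The explicit ".." rejection is deliberate defence in depth: the realpath containment check alone is sufficient, but rejecting traversal components up front also gives a clean signal to log and alert on.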

Proof of Concept
Disclosure Timeline
N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
28.07.2021 - Initial release
30.07.2021 - Added reference [1] and [2]
02.08.2021 - Added reference [3] and [4]
13.11.2025 - Added reference [5] and [6]