ElasticSearch Snapshot API Directory Traversal

This Metasploit module exploits a directory traversal vulnerability in ElasticSearch, allowing an attacker to read arbitrary files with JVM process privileges, through the Snapshot API.

Continue reading...