Create Hikvision_NCG_Networking_Gateway_login.php_Directory_traversal_Vulnerability.md

add Hikvision NCG Networking Gateway login.php Directory traversal Vulnerability
2025-05-05 18:27:13 +00:00 · 2023-05-23 15:51:51 +08:00 · 2023-05-23 15:51:51 +08:00 · 160fcb78c2
commit 160fcb78c2
parent d55f0e12e7
1 changed files with 13 additions and 0 deletions
--- a/Hikvision_NCG_Networking_Gateway_login.php_Directory_traversal_Vulnerability.md
+++ b/Hikvision_NCG_Networking_Gateway_login.php_Directory_traversal_Vulnerability.md
@ -0,0 +1,13 @@
+
+## Hikvision NCG Networking Gateway login.php Directory traversal Vulnerability
+
+|   **Vulnerability**  | **Hikvision NCG Networking Gateway login.php Directory traversal Vulnerability**  |
+| :----:   | :-----|
+|  **Chinese name**  | 海康威视 NCG 联网网关 login.php 文件目录遍历漏洞 |
+| **CVSS core**  | 7.8 |
+| **FOFA Query**  (click to view the results directly)| [body="data/login.php"](https://en.fofa.info/result?qbase64=Ym9keT0iZGF0YS9sb2dpbi5waHAi) |
+| **Number of assets affected**  | 735 |
+| **Description**  | The Hikvision NCG Networking Gateway  of Hikvision is a carrier level network gateway device integrating signaling gateway service, media gateway service, security authentication, authority management, log management and network management functions. An attacker can read important system files (such as database configuration files, system configuration files), database configuration files, etc. through this vulnerability, causing the website to be in an extremely insecure state. |
+| **Impact** | An attacker can read important system files (such as database configuration files, system configuration files), database configuration files, etc. through this vulnerability, causing the website to be in an extremely insecure state. |
+
+![](https://s3.bmp.ovh/imgs/2023/05/23/a4a531adf15cb89f.gif)