admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2023-25814.md

Browse Source
This commit is contained in:
之乎者也 2023-04-13 15:47:43 +08:00 committed by GitHub
parent c391b1f60c
commit 289598cea6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2023-25814.md Normal file
View File

@ -0,0 +1,12 @@
## MeterSphere File Read Vulnerability(CVE-2023-25814)
|   **Vulnerability** | **MeterSphere File Read Vulnerability(CVE-2023-25814)** |
| :----: | :-----|
|  **Chinese name** | MeterSphere 文件读取漏洞CVE-2023-25814 |
| **CVSS core** | 7.5 |
| **FOFA Query** (click to view the results directly)| [app="FIT2CLOUD-MeterSphere"](https://en.fofa.info/result?qbase64=YXBwPSJGSVQyQ0xPVUQtTWV0ZXJTcGhlcmUi) |
| **Number of assets affected** | 2552 |
| **Description** | MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing, and is fully compatible with mainstream open source standards such as JMeter and Selenium. MeterSphere has an unauthorized arbitrary file read vulnerability. |
| **Impact** | Attackers can use this vulnerability to read the leaked source code, database configuration files, etc., resulting in an extremely insecure website. |
![](https://s3.bmp.ovh/imgs/2023/04/07/4fd8616dc5a1c81c.gif)