Zhiyuan Oa A8 Status Jsp Information Leakage Vulnerability
Zhiyuan Oa A8 Status Jsp Information Leakage Vulnerability
Zhiyuan OA A8 status.jsp Information leakage vulnerability
Vulnerability Description
Zhiyuan OA A8-m has leaked information on status monitoring pages, where attackers can obtain sensitive information such as website paths and usernames, and further attacks.
Vulnerability Impact
Zhiyuan OA A8-m
Network surveying and mapping
title=”A8-m”
Vulnerability reappears
Visit the monitoring page
/seeyon/management/status.jsp
The backend password is WLCCYBD@SEEYON
After logging in, you can get some sensitive information through the following url
/seeyon/management/status.jsp
/seeyon/logs/login.log
/seeyon/logs/v3x.log
This post is licensed under CC BY 4.0 by the author.