漏洞描述
厦门四信通信科技有限公司是一家专注于LoRa、NB-IoT、ZigBee、2.5G、3G、4G、5G等无线通讯模组和终端产品,其中监控管理主机Web系统存在备份文件下载,通过db文件可以查看到账户密码,用户进入后台可进行敏感性操作。
厦门四信监控管理主机 backup.zip 敏感信息泄露
PoC代码
暂无相关漏洞推荐
- 畅捷通-TPlus /tplus/ajaxpro/ASP_sm_setupaccount_versionupdate_selectbackupfileonserver_aspx App_Web_selectbackupfileonserver.aspx.1cbd2a00.ashx 目录遍历漏洞
- phpMyFAQ /api/setup/backup 信息泄露漏洞(CVE-2025-69200)
- backup-files: Compressed Backup File - Detect
- POC cache-automatic-backups-disabled: ElastiCache Automatic Backups - Disabled
- POC rds-automated-backup-disabled: RDS Automated Backups - Disabled
- POC rds-backup-enable: RDS Automated Backup Check
- POC azure-appservice-backup-not-enabled: Azure App Service Automated Backup Not Configured
- POC azure-appservice-backup-retention-missing: Azure App Service Backup Retention Not Configured
- POC azure-postgresql-geo-backup-disabled: Azure PostgreSQL Geo-Redundant Backup Not Enabled
- POC gcloud-filestore-no-backups: Filestore Instance Not Using On-Demand Backup
- POC gcloud-gke-backups-disabled: GKE Clusters Without Backups Enabled
- POC gcloud-sql-backups-disabled: Automated Backups Not Enabled for Cloud SQL Instances
- POC adb-backup-enabled: ADB Backup Enabled