漏洞描述
国网统一权限登录server.keystore信息泄漏,使用该keystore文件,可对通信流量进行解密,使ssl加密形同虚设,造成严重信息泄露
统一权限登录server.keystore信息泄漏漏洞
PoC代码
暂无相关漏洞推荐
- (CVE-2023-53878)Member Login Script 3.3客户端去同步漏洞
- POC CVE-2021-37415: Zoho ManageEngine ServiceDesk Plus - Authentication Bypass
- POC CVE-2023-23897: Ozette Plugins - Cross-Site Request Forgery
- POC x-backend-server-header-detect: X-Backend-Server Header - Exposure
- POC wp-woocommerce-admin-fpd: WordPress Plugin WooCommerce Admin (woocommerce-admin) Full Path Disclosure
- 蓝凌EIS智慧协同平台 /mail/mail_server.aspx/mail_xml XML 外部实体注入漏洞
- POC CVE-2017-5983: JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)
- POC CVE-2021-4449: ZoomSounds Plugin - Unauthenticated Arbitrary File Upload
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- POC CVE-2023-5815: News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Local File Inclusion
- POC CVE-2025-64764: Astro - Reflected XSS via server islands feature
- POC nginx-status-403-bypass: Nginx Status Page - 403 Bypass
- 万户OA officeserver 任意文件上传漏洞