漏洞描述
锐捷EG易网关是一款综合网关产品,集成了先进的软硬件体系构架,并配备了DP深入分析引擎、行为分析管理引擎。这款产品能在保证网络出口高效转发的基础上,提供专业的流控功能、出色的URL过滤以及本地化的日志存储审计服务。其nginx.conf接口存在信息泄露漏洞,未授权的攻击者可能通过此接口获得敏感信息。
锐捷EG易网关管理系统 nginx.conf 信息泄露漏洞
PoC代码
暂无相关漏洞推荐
- 锐捷 EG 易网关默认口令漏洞
- POC nginx-status-403-bypass: Nginx Status Page - 403 Bypass
- nginxWebUI cmdOver 远程命令执行漏洞
- POC nginx-merge-slashes-path-traversal: Nginx Merge Slashes Path Traversal
- POC nginxwebui-admin-bypass: NginxWebUI admin认证绕过(全版本通杀)
- POC nginxwebui-rce: Nginx Web UI RCE
- POC phpstudy-nginx-wrong-resolve: Phpstudy Nginx Wrong Resolve
- POC file-disable-nginx-server-tokens: Disbale Nginx Server Tokens
- POC file-missing-nginx-bof-protection: Missing Nginx Buffer Overflow Protection
- POC file-missing-nginx-xss-protection: Missing Nginx XSS Protection
- POC file-missing-nginx-hsts: Missing Nginx HSTS
- POC file-missing-nginx-rate-limiting: Missing Nginx Rate Limiting Configuration
- POC nginx-proxy-manager-default-login: Nginx Proxy Manager - Default Login