漏洞描述
CVE-2018-13379是SSL VPN中的一个目录遍历漏洞,该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素,导致攻击者可利用该漏洞访问受限目录之外的文件。
飞塔SSL VPN文件读取漏洞(CVE-2018-13379)
PoC代码
暂无相关漏洞推荐
- POC wp-ssl-insecure-content-fixer-fpd: WordPress Plugin SSL Insecure Content Fixer - Full Path Disclosure
- H3C SSL VPN 安全漏洞
- AllinSSL存在默认口令
- CVE-2019-11510: Pulse Connect Secure SSL VPN Arbitrary File Read
- Grafana /avatar 服务器端请求伪造漏洞(CVE-2020-13379)
- POC CVE-2014-0160: OpenSSL Heartbleed Vulnerability
- POC CVE-2022-42475: Fortinet SSL-VPN - Heap-Based Buffer Overflow
- POC CVE-2017-14186: FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting
- POC CVE-2018-13379: Fortinet FortiOS - Credentials Disclosure
- POC CVE-2019-11510: Pulse Connect Secure SSL VPN Arbitrary File Read
- POC CVE-2020-13379: Grafana 3.0.1-7.0.1 - Server-Side Request Forgery
- POC CVE-2022-29383: NETGEAR ProSafe SSL VPN firmware - SQL Injection
- POC CVE-2022-35416: H3C SSL VPN <=2022-07-10 - Cross-Site Scripting