漏洞描述
【漏洞对象】AWStats 【漏洞描述】AWStats存在路径遍历漏洞攻击者可直接访问设备的敏感数据,包括配置文件、日志、源代码等,配合其它漏洞的综合利用,攻击者可以轻易的获取更高的权限。
AWStats-路径遍历(CNPD-201801-0064)(CVE-2010-4369 )
PoC代码
暂无相关漏洞推荐
- POC CVE-2018-10245: AWStats <= 7.5 - Full Path Disclosure
- POC CVE-2009-5020: AWStats < 6.95 - Open Redirect
- POC CVE-2012-4547: AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting
- POC CVE-2017-10974: Yaws 1.91 - Local File Inclusion
- POC unencrypted-aws-ami: Unencrypted AWS AMI
- POC iam-expired-ssl: Remove Expired SSL/TLS Certificates in AWS IAM
- POC iam-mfa-enable: MFA not enabled for AWS IAM Console User
- POC rds-backtrack-disabled: AWS RDS Backtrack - Disabled
- POC vpn-tunnel-down: AWS VPN Tunnel Down
- POC aws-config: AWS Configuration - Detect
- POC aws-credentials: AWS Credentials - Detect
- POC wpconfig-aws-keys: AWS S3 keys Leak
- POC aws-secret-key: AWS Secret Key