漏洞描述
Alien ALR-F800是Alien公司的一款RFID传感器。ALR-F800中存在命令注入漏洞。此漏洞是由于system.html对用户上传文件的文件名缺乏校验导致的。
Alien ALR-F800 system.html 命令注入漏洞
PoC代码
暂无相关漏洞推荐
- Fortinet FortiWeb /api/v2.0/cmdb/system/admin%3f/../../../../../cgi-bin/fwbcgi 权限绕过漏洞(CVE-2025-64446/CVE-2025-58034)
- Fortinet FortiWeb /api/v2.0/cmdb/system/admin%3f/../../../../../cgi-bin/fwbcgi 权限绕过漏洞(CVE-2025-64446)
- Optilink 管理系统 /cgi/fsystem/gene.php 命令执行漏洞
- Omnissa Workspace ONE UEM /DevicesGateway/apps/system-app-metadata 目录遍历漏洞(CVE-2025-25231)
- POC CVE-2022-45699: APsystems ECU-R Firmware - Command Injection
- POC azure-apim-system-assigned-identity-unconfigured: Azure API Management Service System-Assigned Managed Identity Not Configured
- POC azure-functionapp-system-assigned-missing: System-Assigned Managed Identities for Azure Functions
- POC baiteng-customer-relationship-system-weak-password: 百腾客户关系系统弱口令
- POC dlink-sharecenter-dns-320-rce: D-Link ShareCenter DNS-320 system_mgr.cgi 远程命令执行漏洞
- POC e-learning-system-authentication-bypass-rce: E-Learning System 1.0 - Authentication Bypass
- POC k8s-readonly-fs: Enforce Read-Only Filesystem for Containers
- POC k8s-readonly-rootfs: Pods with read-only root filesystem
- POC jinpan-weichatcfg-disclosure: 金盘微信管理平台 getsysteminfo信息泄露