漏洞描述
Black Box KVM Firmware存在目录遍历漏洞。此漏洞是由于对用户输入的page参数验证不正确导致的。
Black Box KVM Firmware 目录遍历漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2014-3206: Seagate BlackArmor NAS - Command Injection
- POC CVE-2016-1555: NETGEAR WNAP320 Access Point Firmware - Remote Command Injection
- POC CVE-2020-9054: Zyxel NAS Firmware 5.21- Remote Code Execution
- POC CVE-2022-32429: MSNSwitch Firmware MNT.2408 - Authentication Bypass
- POC CVE-2022-33174: Powertek Firmware <3.30.30 - Authorization Bypass
- POC CVE-2022-45699: APsystems ECU-R Firmware - Command Injection
- POC CVE-2023-31446: Cassia Gateway Firmware - Remote Code Execution
- POC CVE-2024-29972: Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account
- POC CVE-2024-29973: Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection
- POC parentlink-xss: Blackboard - Cross-Site Scripting
- 汉王e脸通综合管理平台 /manage/dgmCommand/finishRegister.do/..;/..;/systemBlackList/uploadBlackListFile.do 文件上传漏洞
- 汉王e脸通综合管理平台 /manage/systemBlackList/queryBlackList.do SQL 注入漏洞
- 汉王e脸通综合管理平台 uploadBlackListFile.do 任意文件上传漏洞