漏洞描述
未授权访问漏洞是指攻击者未经过身份验证或绕过身份验证机制,就能够访问系统资源或执行敏感操作的安全漏洞。这种漏洞可能导致敏感信息泄露、数据篡改、服务中断等严重后果,给系统安全性带来极大威胁。
Docker Desktop Engine API 未授权访问漏洞
PoC代码
暂无相关漏洞推荐
- WordPress AI Engine /wp-json/mcp/v1 信息泄露漏洞(CVE-2025-11749)
- POC CVE-2021-37415: Zoho ManageEngine ServiceDesk Plus - Authentication Bypass
- POC CVE-2022-29081: Zoho ManageEngine - Access Control Bypass
- POC CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure
- Docker Compose 未授权 路径遍历漏洞
- docker-registry: Docker Registry Listing
- 新华通软件云平台 /Main/Desktop/Default.aspx 权限绕过漏洞
- POC CVE-2008-7269: UC Gateway Investment SiteEngine v5.0 - Open Redirect
- POC CVE-2012-4889: ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting
- POC CVE-2015-7780: ManageEngine Firewall Analyzer <8.0 - Local File Inclusion
- POC CVE-2016-7834: Sony IPELA Engine IP Camera - Hardcoded Account
- POC CVE-2017-11512: ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval
- POC CVE-2018-13980: Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion