漏洞描述
HIKVISION iSecureCenter综合安防管理平台是一套“集成化”、“智能化”的平台,通过接入视频监控、一卡通、停车场、报警检测等系统的设备,获取边缘节点数据,实现安防信息化集成与联动,以电子地图为载体,融合各系统能力实现丰富的智能应用。该平台存在任意文件上传漏洞,攻击者可以利用该漏洞获取服务器权限。
HIKVISION iSecure Center综合安防管理平台任意文件上传
PoC代码
暂无相关漏洞推荐
- 华天软件InforCenter PLM uploadFileHttp 任意文件上传漏洞
- POC 用友NC IMsgCenterWebService 命令执行漏洞
- Cisco Secure Firewall Management Center和Cisco Secure Firewall Threat Defense 操作系统命令注入漏洞
- POC CVE-2017-18542: Zendesk Help Center by BestWebSoft < 1.0.5 - Cross-Site Scripting
- POC CVE-2018-2791: Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting
- POC CVE-2018-3238: Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting
- POC CVE-2018-7314: Joomla! Component PrayerCenter 3.0.2 - SQL Injection
- POC CVE-2019-11580: Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution
- POC CVE-2019-12985: Citrix SD-WAN Center - Remote Command Injection
- POC CVE-2019-12986: Citrix SD-WAN Center - Remote Command Injection
- POC CVE-2019-12987: Citrix SD-WAN Center - Remote Command Injection
- POC CVE-2019-12988: Citrix SD-WAN Center - Remote Command Injection
- POC CVE-2019-12990: Citrix SD-WAN Center - Local File Inclusion