漏洞描述
IP-guard是由溢信科技股份有限公司开发的一款终端安全管理软件,旨在帮助企业保护终端设备安全、数据安全、管理网络使用和简化IT系统管理。攻击者可通过该漏洞绕过前台读取系统重要文件(如数据库配置文件、系统配置文件)、数据库配置文件等等,导致网站处于极度不安全状态。
IP-guard /ipg/appr/MApplyList/downloadFile_client/getdatarecord 权限绕过漏洞
PoC代码
暂无相关漏洞推荐
- ip-guard-webserver-rce: IP-guard WebServer 远程命令执行漏洞
- POC guardduty-findings: Open GuardDuty Findings
- POC credential-guard-disabled: Credential Guard Not Enabled
- POC device-guard-not-configured: Device Guard Not Configured
- POC watchguard-credentials-disclosure: WatchGuard Fireware AD Helper Component - Credentials Disclosure
- POC adguard-installer: AdGuard - Installation
- POC vanguard-post-xss: Vanguard Marketplace CMS 2.1 - Cross-Site Scripting
- POC watchguard-credentials-disclosure: WatchGuard Fireware AD Helper Component - Credentials Disclosure
- IP-guard WebServer mApplyList 权限绕过漏洞
- IP-guard /ipg/appr/MApplyList/downloadFile_client/getdatarecord 文件读取漏洞
- IP-guard getdatarecord 任意文件读取漏洞
- IP-guard view.php 任意文件读取漏洞
- IP-guard WebServer view.php任意文件读取漏洞