漏洞描述
Kyan 网络监控设备 time.php可在身份验证的情况下执行任意命令, 配合账号密码泄露漏洞,可以获取服务器权限,存在远程命令执行漏洞
Kyan 网络监控设备 time.php远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- mJobtime /Default.aspx/update_profile_Server 命令执行漏洞(CVE-2025-51683)
- Unity Runtime 访问控制不当漏洞
- 用友NC /portal/pt/mtapptimeline/doApply SQL 注入漏洞
- 用友NC mtapptimeline/doApply 存在SQL注入漏洞
- (CVE-2025-41658)CODESYS Runtime Toolkit默认文件权限配置漏洞导致敏感文件泄露
- POC CVE-2024-56331: Uptime-Kuma - Local File Inclusion (LFI)
- POC CVE-2010-4282: phpShowtime 2.0 - Directory Traversal
- POC CVE-2012-0981: phpShowtime 2.0 - Directory Traversal
- POC CVE-2019-18393: Ignite Realtime Openfire <4.42 - Local File Inclusion
- POC CVE-2019-18394: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery
- POC CVE-2021-45043: HD-Network Realtime Monitoring System 2.0 - Local File Inclusion
- POC CVE-2022-29299: SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting
- POC CVE-2023-45826: Leantime < 2.4 - Authenticated SQL Injection