漏洞描述
【漏洞对象】 Pulse Secure 【涉及版本】Pulse Connect Secure: 9.0RX 8.3RX 8.2RX 【漏洞描述】 PulseSecure PCS9.0RX版本、8.3RX版本和8.2RX版本中存在授权问题漏洞。该漏洞源于网络系统或产品中缺少身份验证措施或身份验证强度不足,进而可以读取/写入任意文件。
Pulse Secure 任意文件读取(CVE-2019-11510)
PoC代码
暂无相关漏洞推荐
- Cisco Secure Firewall Adaptive Security Appliance 缓冲区溢出漏洞
- CVE-2019-11510: Pulse Connect Secure SSL VPN Arbitrary File Read
- Ivanti Pulse Connect Secure VPN /dana-na/auth/saml-sso.cgi XML 外部实体注入漏洞(CVE-2024-22024)
- Cisco Secure Firewall Management Center和Cisco Secure Firewall Threat Defense 操作系统命令注入漏洞
- POC CVE-2025-22457: Ivanti Connect Secure - Stack-based Buffer Overflow
- POC CVE-2016-10960: WordPress wSecure Lite < 2.4 - Remote Code Execution
- POC CVE-2018-10383: Lantronix SecureLinx Spider (SLS) 2.2+ - Cross-Site Scripting
- POC CVE-2018-19439: Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting
- POC CVE-2019-11510: Pulse Connect Secure SSL VPN Arbitrary File Read
- POC CVE-2021-24931: WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection
- POC CVE-2021-31589: BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting
- POC CVE-2022-23854: AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion
- POC CVE-2023-22620: SecurePoint UTM 12.x Session ID Leak