漏洞描述
Twonky Server 是一款流媒体服务器软件,其 /nmc/rpc/log_getfile 接口存在信息泄露漏洞。攻击者可以通过未授权访问该接口获取敏感日志文件,可能导致敏感信息泄露。
Twonky Server /nmc/rpc/log_getfile 信息泄露漏洞(CVE-2025-13315)
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-2135: Oracle WebLogic Server - Remote Code Execution
- POC CVE-2024-31223: Fides Privacy Center ≤ 2.39.1 - Server-Side URL Disclosure
- POC CVE-2025-5301: ONLYOFFICE Docs (DocumentServer) - Reflected Cross-Site Scripting
- POC CVE-2025-55182: React Server Components - Remote Code Execution
- POC x-backend-server-header-detect: X-Backend-Server Header - Exposure
- Ilevia EVE X1 Server存在信息泄露漏洞
- Ilevia EVE X1 Server存在远程命令执行
- Ilevia EVE X1 Server存在远程命令执行
- POC React Server Components 远程代码执行漏洞(CVE-2025-55182)
- POC CVE-2017-5983: JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)
- POC CVE-2024-20404: Cisco Finesse - Server-Side Request Forgery (SSRF)
- POC CVE-2025-10211: ChanCMS <= 3.3.0 - Server-Side Request Forgery
- POC CVE-2025-13315: Twonky Server 8.5.2 on Linux and Windows - Log File Exposure