| Titel | SeriaWei ZKEACMS v4.3 Non-blind SSRF |
|---|
| Beschreibung | The Proxy method in MediaController allows users to request the content of an arbitrary URL. Although this operation requires ViewMedia permission, once the attacker has the corresponding permissions, he can use this vulnerability to detect the company's intranet and attack the intranet services. |
|---|
| Quelle | ⚠️ https://github.com/August829/Yu/blob/main/58ead8e7e08bfb022.md |
|---|
| Benutzer | Yu_Bao (UID 89348) |
|---|
| Einreichung | 05.09.2025 04:31 (vor 9 Monaten) |
|---|
| Moderieren | 15.09.2025 11:59 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 323890 [ZKEACMS 4.3 MediaController.cs Proxy url erweiterte Rechte] |
|---|
| Punkte | 17 |
|---|