| Field | Value |
|---|---|
| Title | erjinzhi soft 10 OA V1.0 File Path Traversal |
| Description | During the security review of "10OA", I discovered that a critical file path traversal (directory traversal) vulnerability exists in the file.aspx endpoint under the /view/ directory of the 10OA system hosted at https://www.10oa.com. The vulnerability arises from insufficient validation and sanitization of the file query parameter. Attackers can exploit this flaw by submitting maliciously crafted file parameter values containing ../ (dot-dot-slash) sequences to traverse outside the intended file directory and access sensitive system files on the server. In this case, the vulnerability was successfully exploited to read the Windows system configuration file C:\windows\win.ini, a clear indication that the server does not restrict access to critical system paths. This flaw allows unauthorized access to sensitive files (e.g., configuration files, credentials, log data) and may lead to further server compromise if combined with other vulnerabilities. |
| Source | https://github.com/1276486/CVE/issues/8 |
| User | Zre0x1c (UID 89206) |
| Submitted | 2025-08-28 09:49 AM (8 months ago) |
| Moderation | 2025-09-11 05:11 PM (14 days later) |
| Status | Accepted |
| VulDB Entry | 323643 [erjinzhi 10OA 1.0 /view/file.aspx File Directory Traversal] |
| Points | 20 |
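The root cause recorded above is a `file` parameter that reaches the filesystem without confinement, so `../` sequences (plain, URL-encoded, or with Windows back-slashes) escape the served directory. The check below is an added example of the containment a file-serving endpoint needs; it is not code from VulDB, the reporter, or the 10OA vendor, and the base directory is an assumed placeholder.

```python
import os
import posixpath
from urllib.parse import unquote

# Assumed base directory for served files (placeholder, not from the record).
BASE_DIR = "/srv/10oa/view/files"


class TraversalAttempt(ValueError):
    """Raised when a file parameter tries to leave the served directory."""


def resolve_requested_file(file_param: str, base_dir: str = BASE_DIR) -> str:
    # Decode repeatedly so %2e%2e%2f and double-encoded variants are
    # normalised before the traversal check rather than after it.
    decoded = file_param
    for _ in range(3):
        once = unquote(decoded)
        if once == decoded:
            break
        decoded = once
    if "\x00" in decoded:
        raise TraversalAttempt("NUL byte in file parameter")
    # The affected host is Windows: treat back-slashes as separators too.
    decoded = decoded.replace("\\", "/")
    # Reject absolute paths and drive-letter paths such as C:/windows/win.ini.
    if decoded.startswith("/") or (len(decoded) > 1 and decoded[1] == ":"):
        raise TraversalAttempt("absolute path in file parameter")
    normalized = posixpath.normpath(decoded)
    if normalized in (".", "..") or normalized.startswith("../"):
        raise TraversalAttempt("parent-directory traversal in file parameter")
    # Final containment check on the fully resolved path (covers symlinks).
    base_real = os.path.realpath(base_dir)
    full = os.path.realpath(os.path.join(base_real, normalized))
    if os.path.commonpath([base_real, full]) != base_real:
        raise TraversalAttempt("resolved path escapes base directory")
    return full


def is_safe_request(file_param: str, base_dir: str = BASE_DIR) -> bool:
    """Convenience wrapper: True when the parameter stays inside base_dir."""
    try:
        resolve_requested_file(file_param, base_dir)
        return True
    except TraversalAttempt:
        return False


if __name__ == "__main__":
    # Constructed inputs: the win.ini read from the record and benign requests.
    for p in ["../../windows/win.ini", "..%2F..%2Fwindows%2Fwin.ini",
              "..\\..\\windows\\win.ini", "C:\\windows\\win.ini",
              "reports/q1.pdf", "docs/../reports/q1.pdf"]:
        print(f"{p!r:40} safe={is_safe_request(p)}")
```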