Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-1558 PoC — Linksys WVC54GCA adm/file.cgi文件多个目录遍历漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2009/CVE-2009-1558.yaml
Associated Vulnerability
Title:Linksys WVC54GCA adm/file.cgi文件多个目录遍历漏洞 (CVE-2009-1558)
Description:Linksys WVC54GCA是一款无线网络摄像头。 Linksys WVC54GCA控制台的adm/file.cgi文件存在多个目录遍历漏洞,远程攻击者可以通过在提交给该文件的this_file或next_file参数中包含目录遍历序列读取任意文件。
Description
Cisco Linksys WVC54GCA 1.00R22/1.00R24 is susceptible to local file inclusion in adm/file.cgi because it allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
File Snapshot

 id: CVE-2009-1558

info:
  name: Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion
  aut

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.