Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-19360 PoC — FHEM 信息泄露漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-19360.yaml
Associated Vulnerability
Title:FHEM 信息泄露漏洞 (CVE-2020-19360)
Description:FHEM是FHEM社区的一个基于Perl用于为房屋自动化的智能设备进行控制的服务端程序。该程序作为服务器运行,您可以通过Web或智能手机前端,telnet或TCP / IP直接对其进行控制,自动执行家庭中的一些常见任务,例如开关灯/百叶窗/取暖等,并记录温度/湿度/功耗等事件。 FHEM 6.0 存在信息泄露漏洞,攻击者可利用该漏洞获取敏感信息。
Description
FHEM version 6.0 suffers from a local file inclusion vulnerability.
File Snapshot

 id: CVE-2020-19360

info:
  name: FHEM 6.0 - Local File Inclusion
  author: 0x_Akoko
  severity: hig

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.