Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2013-4547 PoC — F5 Nginx 权限许可和访问控制漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Nginx%20%E6%96%87%E4%BB%B6%E5%90%8D%E9%80%BB%E8%BE%91%E6%BC%8F%E6%B4%9E%20CVE-2013-4547.md
Associated Vulnerability
Title:F5 Nginx 权限许可和访问控制漏洞 (CVE-2013-4547)
Description:F5 Nginx是美国F5公司的一款轻量级Web服务器/反向代理服务器及电子邮件(IMAP/POP3)代理服务器,在BSD-like协议下发行。 F5 Nginx 0.8.41版本至1.4.3版本、1.5.x版本至1.5.7之前版本存在权限许可和访问控制问题漏洞。攻击者利用该漏洞通过URI中的未转义空格字符绕过预期限制。
File Snapshot

 # Nginx 文件名逻辑漏洞 CVE-2013-4547

## 漏洞描述

参考链接:

- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.