CVE-2007-6638 PoC — March Networks DVR3204 'scripts/logfiles.tar.gz' 敏感信息泄露漏洞

Source

https://github.com/alt3kx/CVE-2007-6638

Associated Vulnerability

Title:March Networks DVR3204 'scripts/logfiles.tar.gz' 敏感信息泄露漏洞 (CVE-2007-6638)
Description:March Networks DVR 3204在web根目录下存储敏感信息，而没经过充分的访问控制。这使得远程攻击者可以借助对scripts/logfiles.tar.gz的直接请求获得用户名、密码、设备名以及IP地址。

Description

March Networks DVR 3204 - Logfile Information Disclosure

Readme

# CVE-2007-6638
March Networks DVR 3204 - Logfile Information Disclosure

Exploit-DB publication at https://www.exploit-db.com/exploits/4797/

# Author
Alex Hernandez aka <em><a href="https://twitter.com/_alt3kx_" rel="nofollow">(@\_alt3kx\_)</a></em>

File Snapshot


 [4.0K]  /data/pocs/b0072dc17c7acc5bfa82357e195fbd18ad95d52b
├── [3.3K]  CVE-2007-6638.txt
├── [ 34K]  LICENSE
└── [ 253]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!