CVE-2023-26802 PoC — Digital China Networks DCBI-Netlog-LAB 路径遍历漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-26802.yaml

Associated Vulnerability

Title:Digital China Networks DCBI-Netlog-LAB 路径遍历漏洞 (CVE-2023-26802)
Description:Digital China Networks DCBI-Netlog-LAB（DCN DCBI-Netlog-LAB）是中国神州数码（Digital China Networks）公司的一个上网行为日志系统。 Digital China Networks DCBI-Netlog-LAB v1.0版本存在安全漏洞。攻击者利用该漏洞绕过身份验证并通过特制的请求执行任意命令。

Description

An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request.

File Snapshot


 id: CVE-2023-26802

info:
  name: DCBI-Netlog-LAB v1.0 - Command Injection
  author: pussycat0x
  se

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!