Title:NComputing vSpace Pro NC Monitor Server 安全漏洞 (CVE-2018-10201) Description:NComputing vSpace Pro是美国NComputing公司的一套虚拟化桌面软件。NC Monitor Server是其中的一个监控服务器。 NComputing vSpace Pro 10版本和11版本中的NC Monitor Server的NcMonitorServer.exe文件存在安全漏洞。远程攻击者可通过向TCP 8667端口发送带有‘.../’、‘...\’、‘..../’或‘....\’序列并且不带有凭证的URL利用该漏洞读取Web服务器root目录之外的任意文件。
Description
Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal vulnerability.
File Snapshot
id: CVE-2018-10201
info:
name: Ncomputing vSPace Pro 10 and 11 - Directory Traversal
author: 0x
...
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.