• Здраво и добредојдовте на форумот на IT.mk.

    Доколку сеуште не сте дел од најголемата заедница на ИТ професионалци и ентузијасти во Македонија, можете бесплатно да се - процесот нема да ви одземе повеќе од 2-3 минути, а за полесна регистрација овозможивме и регистрирање со Facebook и Steam.

ReQuest Serious Play Media Player 3.0 Directory Traversal File Disclosure Vulnerability

  • Ја почнал/а темата
  • #1

zeroscience

ZSL Bot v4.89.1.00
31 мај 2010
673
516
www.zeroscience.mk
Код:
ReQuest Serious Play Media Player 3.0 Directory Traversal File Disclosure Vulnerability


Vendor: ReQuest Serious Play LLC
Product web page: http://www.request.com
Affected version: 3.0.0
                  2.1.0.831
                  1.5.2.822
                  1.5.2.821
                  1.5.1.820

Summary: With the MediaPlayer, ReQuest delivers video content and award-winning
distributed music capabilities. Up to 4 MediaPlayers (15 when coupled with an
approved NAS) can be connected through your home network to your ReQuest system,
delivering HD video to your television in 1080p via HDMI outputs.

Desc: The device suffers from an unauthenticated file disclosure vulnerability
when input passed through the 'file' parameter in tail.html and file.html script
is not properly verified before being used to read web log files. This can be
exploited to disclose contents of files from local resources.

Tested on: ReQuestHTTP/0.1 httpserver/0.1


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2020-5599
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5599.php


01.08.2020

--


http://192.168.1.17:8001/tail.html?file=[file]
http://192.168.1.17:8001/file.html?file=[file]

 

Нови мислења

Последни Теми

Статистика

Теми
42,570
Мислења
820,696
Членови
28,228
Најнов член
Nikojsi
На врв Дно