Incorrect access control IAC 复现问题

NSSL-SJTU / SaTC

A prototype of Shared-keywords aware Taint Checking, a novel static analysis approach that tracks the data flow of the user input between front-end and back-end to precisely detect security vulnerabilities.

274 stars 48 forks source link

Incorrect access control IAC 复现问题 #37

Open qijiale opened 2 months ago

qijiale commented 2 months ago

作者您好，论文中提到发现了 IAC 漏洞，比如D-Link中的DIR 823G。复现这类漏洞命令是什么呢？是使用哪个ref2sink_cmdi 还是ref2sink_bof，谢谢。