微软安全更新多个产品高危漏洞通告(CVE-2020-1054、CVE-2020-1067、CVE-2020-1153、CVE-2020-1062、CVE-2020-1023、CVE-2020-1024、CVE-2020–1102和CVE-2020-1069、CVE-2020-0901)
来源:scanv2020.05.16一 漏洞概述
本月,微软共发布111个漏洞的补丁程序,影响较大的漏洞如下,其中,CVE-2020-1062、CVE-2020-1153、CVE-2020-1054、CVE-2020-1143、CVE-2020-1035被微软标记为“Exploitation More Likely”。
CVE-2020-1062 Internet Explorer 内存破坏漏洞
Internet Explorer在处理内存中的对象时,存在一个远程代码执行漏洞。攻击者可通过构造特制的站点、攻击脆弱网站、向内容或广告服务提供商添加特制内容,并诱导用户访问来利用此漏洞,攻击者还可以通过向用户发送邮件或即时消息并诱导用户点击链接或打开附件来利用此漏洞,成功利用此漏洞的远程攻击者可在目标系统上以该用户权限执行任意代码。
CVE-2020-1153 Microsoft Graphics Components 远程代码执行漏洞
Microsoft Graphics Components在处理内存中的对象时,存在远程代码执行漏洞。攻击者可通过诱导用户打开特制文件来利用此漏洞,成功利用此漏洞的远程攻击者可在目标系统上执行任意代码。
Win32k权限提升漏洞
Windows kernel-mode driver在处理内存中的对象时,存在两个权限提升漏洞(CVE-2020-1054、CVE-2020-1143)。攻击者可通过登录目标系统并运行特制程序来利用此漏洞,成功利用此漏洞的攻击者可在目标系统内核模式下运行任意代码。
CVE-2020-1035 VBScript远程代码执行漏洞
VBScript引擎在处理内存中的对象时,存在远程代码执行漏洞。攻击者可通过诱导用户访问特制网站或通过诱导用户打开嵌入标记为“初始化安全”的ActiveX控件的应用程序或Microsoft Office文档等方式来利用此漏洞,攻击者还可以通过攻击脆弱网站、向内容或广告服务提供商添加特制内容来利用此漏洞。成功利用此漏洞的远程攻击者可在目标系统上以该用户权限执行任意代码。
Microsoft SharePoint 远程代码执行漏洞
Microsoft SharePoint在检查应用程序包的源标记时,存在三个远程代码执行漏洞(CVE-2020-1023、CVE-2020-1024、CVE-2020-1102)。攻击者可通过向受影响SharePoint上传特制SharePoint应用程序包来利用此漏洞,成功利用此漏洞的攻击者可在 SharePoint应用程序池和SharePoint服务器账户的上下文中执行任意代码。
Media Foundation 内存破坏漏洞
Windows Media Foundation在处理内存中的对象时,存在三个远程代码执行漏洞(CVE-2020-1028、CVE-2020-1126、CVE-2020-1136)。攻击者可通过构造特制的站点并诱导用户访问或向用户发送特制文件并诱导用户打开来利用此漏洞,成功利用此漏洞的远程攻击者可在目标系统上以该用户权限执行任意代码。
CVE-2020-1056 Microsoft Edge 权限提升漏洞
Microsoft Edge在实施跨域策略时,存在权限提升漏洞,该漏洞允许攻击者从一个域获取信息并将其注入另一个域。攻击者可通过构造特制的站点、攻击脆弱网站、向内容或广告服务提供商添加特制内容,并诱导用户访问来利用此漏洞,成功利用此漏洞的远程攻击者可在受影响版本的Microsoft Edge中提升特权。
CVE-2020-1117 Microsoft Color Management 远程代码执行漏洞
Microsoft Color Management在处理内存中的对象时,存在远程代码执行漏洞。攻击者可通过构造特制的站点并诱导用户访问或通过向用户发送邮件或即时消息并诱导用户点击链接或打开附件来利用此漏洞,成功利用此漏洞的远程攻击者可在目标系统上以该用户权限执行任意代码。
二 影响版本
CVE-2020-1062:
Internet Explorer 11 on Windows 10 for 32-bit Systems
Explorer 11 on Windows 10 for x64-based Systems
Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
Explorer 11 on Windows 10 Version 1607 for x64-based Systems
Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems
Explorer 11 on Windows 10 Version 1709 for x64-based Systems
Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
Explorer 11 on Windows 10 Version 1803 for x64-based Systems
Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
Explorer 11 on Windows 10 Version 1809 for x64-based Systems
Explorer 11 on Windows 10 Version 1903 for 32-bit Systems
Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems
Explorer 11 on Windows 10 Version 1903 for x64-based Systems
Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems
Explorer 11 on Windows 10 Version 1909 for x64-based Systems
Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
Explorer 11 on Windows 8.1 for 32-bit systems
Explorer 11 on Windows 8.1 for x64-based systems
Explorer 11 on Windows RT 8.1
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
Explorer 11 on Windows Server 2012
Explorer 11 on Windows Server 2012 R2
Explorer 11 on Windows Server 2016
Explorer 11 on Windows Server 2019
CVE-2020-1153:
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server, version 1803 (Server Core Installation)
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
CVE-2020-1054:
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server, version 1803 (Server Core Installation)
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
CVE-2020-1143:
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server, version 1803 (Server Core Installation)
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
CVE-2020-1035:
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
Internet Explorer 11 on Windows Server 2019
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems
Internet Explorer 11 on Windows 10 for 32-bit Systems
Internet Explorer 11 on Windows 10 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
Internet Explorer 11 on Windows Server 2016
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows 8.1 for 32-bit systems
Internet Explorer 11 on Windows 8.1 for x64-based systems
Internet Explorer 11 on Windows RT 8.1 4556846 Monthly Rollup
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows Server 2012
Internet Explorer 11 on Windows Server 2012 R2
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
CVE-2020-1023:
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2019
Microsoft SharePoint Foundation 2013 Service Pack 1
CVE-2020-1024:
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2019
Microsoft SharePoint Foundation 2013 Service Pack 1
CVE-2020-1102:
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2019
CVE-2020-1028:
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server, version 1803 (Server Core Installation)
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
CVE-2020-1126:
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server, version 1803 (Server Core Installation)
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
CVE-2020-1136:
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server, version 1803 (Server Core Installation)
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
CVE-2020-1056:
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows Server 2019
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows Server 2016
CVE-2020-1117:
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server, version 1803 (Server Core Installation)
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
三 复现过程
无
四 影响范围
根据 ZoomEye 网络空间搜索引擎对关键字 “Microsoft Windows” 进行搜索,共得到 17,282,748 条 IP 历史记录,主要分布在中国、美国等国家;对关键字 “Microsoft Office” 进行搜索,共得到 13, 443 条 IP 历史记录,主要分布在美国、中国等国家;对关键字 “SharePoint” 进行搜索,共得到 11,552 条 IP 历史记录,主要分布在沙特阿拉伯、美国等国家。
五 修复建议
1.建议受影响用户尽快安装补丁进行防护,用户在安装补丁后,应及时检查补丁是否成功更新。针对未成功安装的更新,可点击更新名称跳转到微软官方下载页面
2.修改Internet Explorer处理内存中对象
3.更正Microsoft Graphics Components处理内存中对象
4.更正Windows内核模式驱动程序处理内存中对象
5.修改脚本引擎处理内存中对象
6.更正SharePoint如何检查应用程序包的源标记
六 相关链接
微软:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/
ZoomEye 网络空间搜索引擎:
https://www.zoomeye.org/searchResult?q=app%3A%22Microsoft%20Windows%22
https://www.zoomeye.org/searchResult?q=app%3A%22Microsoft%20Office%22
https://www.zoomeye.org/searchResult?q=app%3A%22SharePoint%22
热门文章
IBM官方发布WebSphere Application Server XXE漏洞(CVE-2020-4643)
2020年09月17日,IBM发布安全公告,WebSphere Application Server中存在一个安全漏洞,该漏洞是由于WebSphere Application Server在处理XML数据时容易受到XML外部实体注入(XXE)攻击。
FastAdmin远程代码执行0day漏洞(暂无编号)
2020年9月22日,FastAdmin远程代码执行漏洞细节曝光,黑客登录前台会员中心,即可远程GetShell,风险极大。
VMware官方发布Spring Framework反射型文件下载漏洞(CVE-2020-5421)
2020年9月17日,VMware发布安全公告,在Spring Framework版本5.2.0-5.2.8、5.1.0-5.1.17、5.0.0-5.0.18、4.3.0-4.3.28和较旧的不受支持的版本中,发现了一个存在于Spring Framework中的反射型文件下载(Reflected File Download,RFD)漏洞(CVE-2020-5421)。
关注知道创宇云安全
获取安全动态