OPENLITESPEED

Print document Edit on github

[*] Mark

CVE-2022-00721 所示的OpenLiteSpeed Web 目录穿越漏洞2

Github commit记录所示3

2022-11-22-11.22.23.png

RewriteRule4

"RewriteCond %{REQUEST_URI} !^/(index|login)\\.php$\n"
"RewriteCond %{REQUEST_URI} !^/view/(serviceMgr|confMgr|ajax_data|dashboard|logviewer|compilePHP|realtimestats)\\.php$\n"
"RewriteRule \\.php - [F]\n";

REF

  1. Full Disclosure of CVE-2022-0072, CVE-2022-0073, and CVE-2022-0074 and What You Should Do 

  2. OpenLiteSpeed Web 服务器被曝多个严重性漏洞 

  3. openlitespeed/::1.7.16.1::commit 

  4. Apache正则表达式-RewriteRule和RewriteCond规则参数的详细介绍 

    •