Exploit for Unrestricted Upload of File with Dangerous Type in Dahuasecurity Smart Parking Management CVE-2023-3836

Name: Exploit for Unrestricted Upload of File with Dangerous Type in Dahuasecurity Smart Parking Management CVE-2023-3836
Rating: 5 (90 reviews)

2023-08-30 | CVSS 7.5

## https://sploitus.com/exploit?id=76984FE1-697B-5074-8D1A-53EC4EDED3E5
## 大华智慧园区综合管理平台publishing文件上传 POC

### 安装依赖
```
pip install argparse requests rich
```
> 注意:使用的是python3的环境

### 使用
```
python  CVE-2023-3836.py -h 
```
![image](https://github.com/zh-byte/CVE-2023-3836/assets/81899489/680996fc-9263-4d00-986e-cc28dc57b020)

### 文件内url格式

![image](https://github.com/zh-byte/CVE-2023-3836/assets/81899489/e9f20296-d80c-4be5-b745-88216aa1c38f)


### 运行结果

![image](https://github.com/zh-byte/CVE-2023-3836/assets/81899489/0731af27-69e7-46a3-b18c-65b67eb27fba)