admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create Sinovision_Cloud_CDN_live_default_passwd.md

Browse Source 
add Sinovision_Cloud_CDN_live_default_passwd
This commit is contained in:
Goby 2023-05-12 18:13:24 +08:00 committed by GitHub
parent 1704a6f5cb
commit 689061c603
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Sinovision_Cloud_CDN_live_default_passwd.md Normal file
View File

@ -0,0 +1,12 @@
## Sinovision Cloud CDN live default passwd
| **Vulnerability** | **Sinovision Cloud CDN live default passwd** |
| :----: | :-----|
| **Chinese name** | 华视私云-CDN直播加速服务器默认口令漏洞 |
| **CVSS core** | 6.5 |
| **FOFA Query** (click to view the results directly)| [body=\"src=\\\"img/dl.gif\\\"\" && title=\"系统登录\" && body=\"华视美达\"](https://en.fofa.info/result?qbase64=Ym9keT0ic3JjPVwiaW1nL2RsLmdpZlwiIiAmJiB0aXRsZT0i57O757uf55m75b2VIiAmJiBib2R5PSLljY7op4bnvo7ovr4i) |
| **Number of assets affected** | 737 |
| **Description** | CDN Live Broadcast Acceleration Server is a server for CDN live broadcast acceleration. The weak password vulnerability exists in the CDN Live broadcast acceleration server. The attacker can use the default password admin/admin to log in to the system background and obtain the background administrator permission. |
| **Impact** | attackers can control the entire platform through default password vulnerabilities and use administrator privileges to operate core functions. |
![](https://s3.bmp.ovh/imgs/2023/05/12/2d290c42299026fa.gif)