admin/POC
1
0
Fork 0
mirror of https://github.com/eeeeeeeeee-code/POC.git synced 2025-11-07 19:35:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
POC/wpoc/Arris/ArrisTR3300路由器basic_sett存在未授权信息泄露漏洞.md
eeeeeeeeee-code 06c8413e64 first commit
2025-03-04 23:12:57 +08:00

1.1 KiB
Raw Blame History

Arris TR3300路由器basic_sett存在未授权信息泄露漏洞

一、漏洞简介

Arris TR3300路由器basic_sett存在未授权信息泄露漏洞

二、影响版本

  • Arris路由器

三、资产测绘

  • fofabody="base64encode(document.tF.pws.value)" || body="ARRIS TR3300"
  • 特征

1716312584374-f0336037-460d-4dea-906c-64bdfc4f4c2e.png

四、漏洞复现

/basic_sett.html

密码泄露:

1716312848098-bd944f8e-fbeb-4124-8091-eef498dbb93f.png

base64解密后登录系统

1716312869564-ba0d97cd-cf30-427f-a3f2-43bed255913d.png

1716312948463-4d0f810a-8bc3-4ae0-983f-1a7ba7a195d3.png

更新: 2024-05-23 13:30:54
原文: https://www.yuque.com/xiaokp7/ocvun2/bts33znxgp7g76vr