admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
POC00/杭州雄威餐厅数字化综合管理平台存在存在绕过认证导致任意密码重置漏洞.md

25 lines
825 B
Markdown
Raw Permalink Normal View History

730更新漏洞
2024-07-30 19:12:47 +08:00
# 杭州雄威餐厅数字化综合管理平台存在存在绕过认证导致任意密码重置漏洞
杭州雄威科技发展有限公司餐厅数字化综合管理平台存在存在绕过认证导致任意密码重置漏洞
## fofa
```yaml
title="餐厅数字化综合管理平台"
```
## poc
漏洞复现过程
![image-20240729184018341](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202407291840393.png)
![image-20240729184033582](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202407291840623.png)
动态口令随便填下一步抓包修改code值为1.
![image-20240729184044806](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202407291840857.png)
![img](https://sydgz2-1310358933.cos.ap-guangzhou.myqcloud.com/pic/202407291840451.gif)
放包输入新密码即可。
Reference in New Issue Copy Permalink