漏洞描述
【漏洞对象】AVTECH视频监控产品 【漏洞描述】AVTECH视频监控产品的Search.cgi未经授权访问,通过修改ip、端口和queryb64str参数,攻击者能够执行任意的HTTP请求无认证的通过DVR设备。
AVTECH 监控产品-SSRF
PoC代码
暂无相关漏洞推荐
- POC CVE-2024-7029: AVTECH IP Camera - Command Injection
- POC avtech-dvr-exposure: Avtech AVC798HA DVR Information Exposure
- POC avtech-password-disclosure: AVTECH 视频监控设备认证绕过
- POC CVE-2013-4982: AVTECH DVR - Login Verification Code Bypass
- POC avtech-dvr-exposure: AVTECH AVC798HA DVR - Information Exposure
- POC avtech-auth-bypass: AVTECH Video Surveillance Product - Authentication Bypass
- POC avtech-dvr-ssrf: AVTECH DVR - SSRF
- POC avtech-unauth-file-download: AVTECH Video Surveillance Product - Unauthenticated File Download
- AVTECH 监控产品-CloudSetup.cgi-后台远程命令执行
- AVTECH 监控产品-adcommand.cgi-后台远程命令执行
- AVTECH 监控产品-远程命令执行
- AVTECH 监控产品-信息泄漏
- AVTECH 监控产品-验证码绕过导致暴力破解A