漏洞描述
【漏洞对象】iBall Baton ADSL2+ Home Router路由器【漏洞版本】iBall Baton ADSL2+ Home RouterFW_iB-LR7011A_1.0.2 【漏洞描述】 该版本中存在身份验证绕过漏洞;攻击者可借助通过构建带有.cgi扩展的URL利用该漏洞登录管理面板。
iBall ADSL2+ Home Router-越权漏洞
PoC代码
暂无相关漏洞推荐
- wavlink-router-live-api-cgi-rce: WavLink Router Live API cgi RCE
- POC CVE-2014-2962: Belkin N150 Router 1.00.08/1.00.09 - Path Traversal
- POC CVE-2015-0554: ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure
- POC CVE-2016-6277: NETGEAR Routers - Remote Code Execution
- POC CVE-2017-15647: FiberHome Routers - Local File Inclusion
- POC CVE-2017-5521: NETGEAR Routers - Authentication Bypass
- POC CVE-2018-0127: Cisco RV132W/RV134W Router - Information Disclosure
- POC CVE-2018-10822: D-Link Routers - Local File Inclusion
- POC CVE-2018-10823: D-Link Routers - Remote Command Injection
- POC CVE-2019-16313: ifw8 Router ROM v4.31 - Credential Discovery
- POC CVE-2019-1653: Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure
- POC CVE-2019-16920: D-Link Routers - Remote Code Execution
- POC CVE-2019-18371: Xiaomi Mi WiFi R3G Routers - Local file Inclusion