SSV-99912
摘要
漏洞概要:漏洞名称: totolink a810r 命令注入漏洞(CVE-2024-57036)
正文
漏洞名称: totolink a810r 命令注入漏洞(CVE-2024-57036) 关注 0 基本字段 漏洞编号: SSV-99912 披露/发现时间: 未知 提交时间: 2025-01-23 漏洞等级: 漏洞类别: 命令注入 影响组件: TOTOLink A810R (V4.1.2cu.5032_B20200407) 漏洞作者: 未知 提交者: Knownsec CVE-ID: CVE-2024-57036 CNNVD-ID: 补充 CNVD-ID: 补充 ZoomEye Dork: 补充 来源 https://github.com/luckysmallbird/Totolink-A810R-Vulnerability-1/blob/main/3.md 漏洞详情 贡献者 共获得 0KB # Totolink-A810R-downloadFile.cgi-Vulnerability ## Overview - Manufacturer's website information:https://www.totolink.net/ - Firmware download: https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/169/ids/36.html ### Product Information TOTOLink A810R V4.1.2cu.5032_B20200407 Wireless Dual Band Router:  ## Vulnerability details TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute arbitrary commands by sending HTTP request. The QUERY_STRING is injected into the v14 string, which is then executed by the system function. By using shell script delimiters such as ; in the ussd parameter, arbitrary commands can be executed.  Although the server filters out certain characters, it is still possible to execute some commands. ## POC 1. Use the qemu-system-mipsel to reproduce firmware environment. 2. Send POC to webpage. ```shell= http://192.168.56.1:8080/cgi-bin/downloadFlile.cgi?payload=123;ls${IFS}/web_cste/*; ```  共 0 兑换了 PoC 暂无 PoC 参考链接 解决方案 临时解决方案 暂无临时解决方案 官方解决方案 暂无官方解决方案 防护方案 暂无防护方案 完善解决方案 返回 提交 生命线 发现/披露了漏洞 Knownsec 2025-01-23 提交了漏洞 Knownsec 2025-01-23 提交补充了漏洞详情 相关漏洞 漏洞名称: totolink a810r 命令注入漏洞(CVE-2024-57036) TOTOLink 多款路由器未授权RCE漏洞 关注 0 人气 18484 0 评论前需绑定手机 现在绑定 提交评论 匿名回复 暂无评论 ※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
标签
- source:seebug
- type:vuln
扩展字段
{
"ssvid": "ssvid-99912"
}