当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2013-034371

漏洞标题:福州市天网交通探头弱口令可任意查看监控影像(大量)

相关厂商:福州市天网

漏洞作者: Lmz

提交时间:2013-08-15 19:09

修复时间:2013-09-29 19:10

公开时间:2013-09-29 19:10

漏洞类型:服务弱口令

危害等级:高

自评Rank:20

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2013-08-15: 细节已通知厂商并且等待厂商处理中
2013-08-19: 厂商已经确认,细节仅向厂商公开
2013-08-29: 细节向核心白帽子及相关领域专家公开
2013-09-08: 细节向普通白帽子公开
2013-09-18: 细节向实习白帽子公开
2013-09-29: 细节向公众公开

简要描述:

福州市天网交通探头弱口令,可监控省政府~~~~

详细说明:

账户名:admin 密码12345

61.131.97.130 | 61.131.97.133 | 61.131.97.129 | 61.131.97.132
61.131.97.136 | 61.131.97.141 | 61.131.97.139 | 61.131.97.144
61.131.97.147 | 61.131.97.146 | 61.131.97.154 | 61.131.97.152
61.131.97.156 | 61.131.97.159 | 61.131.97.149 | 61.131.97.148 
61.131.97.151 | 61.131.97.153 | 61.131.97.158 | 61.131.97.148 
61.131.97.150 | 61.131.97.167 | 61.131.97.66  | 61.131.97.64 
61.131.97.240 | 61.131.97.252 | 61.131.98.1   | 61.131.98.2 
61.131.98.3   | 61.131.98.4   | 61.131.98.5   | 61.131.98.11 
61.131.98.12  | 61.131.98.18  | 61.131.98.19  | 61.131.98.22 
61.131.98.20  | 61.131.98.28  | 61.131.98.34  | 61.131.98.36 
61.131.98.35  | 61.131.98.33  | 61.131.98.37  | 61.131.98.48 
61.131.98.5   | 61.131.98.69  | 61.131.98.88  | 61.131.98.72 
61.131.98.98  | 61.131.98.97  | 61.131.98.01  | 61.131.98.130 
61.131.98.132 | 61.131.98.121 | 61.131.98.129 | 61.131.98.133 
61.131.98.131 | 61.131.98.145 | 61.131.98.154 | 61.131.98.152 
61.131.98.153 | 61.131.98.163 | 61.131.98.162 | 61.131.98.161 
61.131.98.165 | 61.131.98.177 | 61.131.98.172 | 61.131.98.178 
61.131.98.181 | 61.131.98.185 | 61.131.98.182 | 61.131.98.226 
61.131.98.227 | 61.131.98.225 | 61.131.98.241 | 61.131.98.248

漏洞证明:

103.jpg


104.jpg

修复方案:

加强口令,

版权声明:转载请注明来源 Lmz@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:14

确认时间:2013-08-19 21:31

厂商回复:

CNVD确认并复现所述情况,已经转由CNCERT下发福建分中心,经福建分中心反馈,该系统由福建电信运维,已经协调当地基础电信运营企业处置。
rank 14

最新状态:

暂无