乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-08-12: 细节已通知厂商并且等待厂商处理中 2015-08-12: 厂商已经确认,细节仅向厂商公开 2015-08-15: 细节向第三方安全合作伙伴开放 2015-10-06: 细节向核心白帽子及相关领域专家公开 2015-10-16: 细节向普通白帽子公开 2015-10-26: 细节向实习白帽子公开 2015-11-10: 细节向公众公开
包括:应用交付系统,广域网优化系统,负载均衡器和智能加速路由器都是同一套系统来的。。随便找来180+案例。。
设备全称:LotApp 应用交付系统,LotWan 广域网优化系统,LotBalance 负载均衡器,华创智能加速路由器以上设备存在以下问题名称需不一样,但都是同一套系统。疑似后门:(1)通过路由WEB登录页面随便填写户名(这里测试以admin为例)密码为随便(但密码一定要通过burp拦截提交而且密码后面必须带“%26”),就可以随意登录了。。(2)通过get请求的php文件后面加个“.”,可导致当前页面的源代码泄漏。
LotApp 应用交付系统:https://125.64.214.179/https://221.10.131.84/https://222.240.180.130/http://124.239.193.204/http://124.239.193.234/http://121.28.81.54/http://124.239.193.197/http://124.239.193.217/http://124.239.193.205/http://124.239.193.242/http://124.239.193.199/http://124.239.193.231/http://124.239.193.220/http://124.239.193.230/https://124.239.193.214/https://124.239.193.242/http://124.239.193.239/https://111.160.46.6/https://221.10.131.85/https://221.10.131.93/https://221.10.131.92/https://221.10.131.82/http://124.239.193.218/http://124.239.193.196/http://124.239.193.206/http://124.239.193.224/http://124.239.193.226/http://124.239.193.236/http://124.239.193.228/http://124.239.193.216/http://124.239.193.194/http://124.239.193.208/http://124.239.193.237/http://124.239.193.195/http://124.239.193.207/http://124.239.193.227/http://124.239.193.225/http://124.239.193.215/http://124.239.193.235/https://222.171.183.181/https://60.219.151.165/https://222.171.183.163/https://111.160.54.34/https://221.10.131.75/https://221.10.131.91/https://221.10.131.94/https://221.10.131.87/https://221.10.131.89/https://221.10.131.77/https://221.10.131.78/https://221.10.131.88/https://221.10.131.86/https://221.10.131.80/http://61.187.179.214:8888/http://61.187.179.215:8888/https://221.10.131.81/https://221.10.131.79/https://221.10.131.90/https://221.10.131.66/https://221.10.131.76/https://211.137.151.196/https://218.10.58.185/https://221.10.46.148/https://221.10.131.83/http://124.239.193.201/http://124.239.193.233/https://124.239.193.230/
LotWan 广域网优化系统:http://218.70.87.118:8888/https://113.204.112.123/https://218.70.87.117/http://113.204.112.125:8888/https://ddk.i12371.cn/https://218.70.87.116/https://218.70.87.114/http://113.204.112.122:8888/https://113.204.112.124/https://www.ciat.cq.cn/https://113.204.112.126/https://222.141.201.41/http://222.141.201.94:8080/https://183.129.129.34/https://222.222.129.159/https://123.161.204.48/https://123.161.204.45/https://124.94.99.35/http://124.95.171.24:8080/https://210.21.11.60/https://60.23.49.251/https://121.32.24.126/https://120.194.238.163/https://120.194.238.175/https://120.194.238.173/https://120.194.238.205/https://120.194.238.203/https://120.194.238.245/https://120.194.238.185/https://120.194.238.243/https://120.194.238.165/https://120.194.238.213/https://120.194.238.171/https://120.194.238.181/https://120.194.238.155/https://120.194.238.211/https://120.194.238.242/https://120.194.238.202/https://120.194.238.152/https://120.194.238.254/https://120.194.238.144/https://120.194.238.212/https://120.194.238.149/https://120.194.238.249/https://120.194.238.169/https://120.194.238.189/https://120.194.238.179/https://120.194.238.237/https://120.194.238.147/https://120.194.238.219/https://120.194.238.187/https://120.194.238.177/https://120.194.238.239/https://120.194.238.229/https://120.194.238.199/https://120.194.238.253/https://120.194.238.168/https://120.194.238.228/https://120.194.238.188/https://120.194.238.200/https://120.194.238.248/https://120.194.238.170/https://120.194.238.190/https://120.194.238.236/https://120.194.238.176/https://120.194.238.146/https://120.194.238.196/https://120.194.238.156/https://120.194.238.230/https://120.194.238.250/https://120.194.238.234/https://120.194.238.224/https://120.194.238.192/https://120.194.238.222/https://120.194.238.142/https://120.194.238.184/https://120.194.238.198/https://120.194.238.240/https://120.194.238.216/https://120.194.238.246/https://120.194.238.151/https://120.194.238.194/https://synth-ip-b7e60a02.966599.com/https://120.194.238.225/https://120.194.238.174/https://183.230.10.3/https://120.194.238.162/https://120.194.238.164/
LotBalance 负载均衡器:https://123.7.177.23/http://219.139.131.140:8888/https://123.7.177.29/https://123.7.177.19/https://1.192.126.31/https://123.7.177.35/https://123.7.177.30/https://123.7.177.33/https://123.7.177.32/https://123.7.177.34/https://123.7.177.18/https://123.7.177.20/https://123.7.177.16/https://218.28.44.244/https://218.28.44.242/https://183.63.127.106/https://123.7.177.27/https://123.7.177.36/https://jys.nyedu.net/https://61.163.231.236/https://www.nyedu.net/https://218.75.54.146/https://123.7.177.21/
华创智能加速路由器:http://218.28.194.190/https://118.26.68.4/https://124.117.212.54/http://221.238.229.42/http://211.103.235.166/https://124.65.132.74/http://118.26.68.2/http://211.103.235.168/https://118.26.68.7/https://rdfzsyxx.com/https://www.zclxx.com/https://118.26.68.5/https://www.rdfzsyxx.com/
联系厂商。。
危害等级:高
漏洞Rank:15
确认时间:2015-08-12 14:38
CNVD确认并复现所述情况,已经由CNVD通过网站公开联系方式向软件生产厂商通报。
暂无