
Vulnerability summary

Defect ID: wooyun-2015-0132689

Title: Four Huachuang device products share a generic design flaw allowing arbitrary administrator login & generic source-code disclosure (100+ cases)

Vendor: 北京华夏创新科技有限公司 (Beijing Huaxia Chuangxin Technology Co., Ltd.)

Author: YY-2012

Submitted: 2015-08-12 12:02

Fixed: 2015-11-10 14:40

Disclosed: 2015-11-10 14:40

Vulnerability type: design flaw / logic error

Severity: High

Self-assessed Rank: 20

Status: handed to a third-party partner organization (CNCERT, National Internet Emergency Center) for handling

Source: http://www.wooyun.org; for questions or help, contact [email protected]


Vulnerability details

Disclosure timeline:

2015-08-12: Details sent to the vendor; awaiting vendor handling
2015-08-12: Vendor has confirmed; details disclosed to the vendor only
2015-08-15: Details opened to third-party security partners
2015-10-06: Details disclosed to core white hats and domain experts
2015-10-16: Details disclosed to regular white hats
2015-10-26: Details disclosed to intern white hats
2015-11-10: Details disclosed to the public

Brief description:

This covers the application delivery system, WAN optimization system, load balancer and intelligent acceleration router, which are all the same system underneath.
Casually turned up 180+ cases.

Detailed description:

Full product names: LotApp application delivery system, LotWan WAN optimization system, LotBalance load balancer, Huachuang intelligent acceleration router
The above devices all have the following issues: the product names differ, but they are the same system. Suspected backdoor:
(1) On the device's web login page, enter any username (admin is used in this test) and any password; the password must be submitted through a request intercepted with Burp, with "%26" appended after it. That alone is enough to log in at will.
(2) Appending a "." to the PHP file name in a GET request leaks the source code of that page.
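From a defender's side, both behaviours described above leave a recognisable trace in the device's web-server access log: a request target ending in `.php.` (issue 2), and a login query string whose parameter value ends in an encoded `&`, i.e. `%26` (issue 1). The following scanner is an added illustration written for this page, not code from the report or from the vendor; the log lines are constructed samples, the log format is the common Apache/Nginx one, and the check also catches `%2E`-encoded trailing dots, which goes beyond the literal case in the report. POST bodies are not present in access logs, so for issue 1 it only sees credentials sent in the query string.

```python
"""Scan web-server access logs for the two request shapes described in the report.

Added example; the indicators come from the report's description, the log
lines below are constructed and do not correspond to any real device.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Common log format prefix: host ident authuser [time] "METHOD target HTTP/x" status
_LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# One or more dots directly after a .php script name: the source-disclosure indicator.
_PHP_TRAILING_DOT = re.compile(r"\.php\.+$", re.IGNORECASE)

# Constructed sample traffic (RFC 5737 documentation addresses, not real hosts).
SAMPLE_LOG = """\
203.0.113.10 - - [12/Aug/2015:12:02:01 +0800] "GET /index.php HTTP/1.1" 200 5120
203.0.113.10 - - [12/Aug/2015:12:02:03 +0800] "GET /index.php. HTTP/1.1" 200 7311
203.0.113.10 - - [12/Aug/2015:12:02:05 +0800] "GET /admin/config.php.?x=1 HTTP/1.1" 200 9002
198.51.100.7 - - [12/Aug/2015:12:03:00 +0800] "GET /login.php?user=admin&pass=abc%26 HTTP/1.1" 302 0
198.51.100.7 - - [12/Aug/2015:12:03:10 +0800] "GET /login.php?user=admin&pass=correcthorse HTTP/1.1" 302 0
192.0.2.4 - - [12/Aug/2015:12:04:00 +0800] "GET /images/logo.png HTTP/1.1" 200 2048
"""


def parse_line(line):
    """Return the fields of one access-log line, or None if it is not in the expected format."""
    m = _LOG_RE.match(line)
    return m.groupdict() if m else None


def path_findings(target):
    """Reasons to flag a request target, checking the decoded path and the decoded query values."""
    reasons = []
    parts = urlsplit(target)
    # Percent-decode so %2E-encoded dots are caught as well as literal ones.
    path = unquote(parts.path)
    if _PHP_TRAILING_DOT.search(path):
        reasons.append("trailing-dot-after-php")
    # parse_qs splits on the raw '&' before decoding, so a %26 inside a value survives
    # as a literal '&' at the end of that value: the login-request shape from the report.
    for values in parse_qs(parts.query, keep_blank_values=True).values():
        if any(v.endswith("&") for v in values):
            reasons.append("param-value-ends-with-ampersand")
            break
    return reasons


def scan(log_text):
    """Scan a block of access-log text; return one finding dict per (line, reason) pair."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines in an unexpected format rather than failing the whole scan
        for reason in path_findings(rec["target"]):
            findings.append({"host": rec["host"], "target": rec["target"], "reason": reason})
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['host']}  {f['reason']:<32} {f['target']}")
```

On the sample log the scanner reports the two `.php.` requests and the one login request whose password value decodes to a trailing `&`, and stays silent on the normal page, image and valid-login lines. In production the same predicate belongs in front of the application as a rejection rule (a script path that ends in a dot should never reach the PHP handler), with the log scan as the detective control behind it.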

Proof of vulnerability:

LotApp application delivery system:
https://125.64.214.179/
https://221.10.131.84/
https://222.240.180.130/
http://124.239.193.204/
http://124.239.193.234/
http://121.28.81.54/
http://124.239.193.197/
http://124.239.193.217/
http://124.239.193.205/
http://124.239.193.242/
http://124.239.193.199/
http://124.239.193.231/
http://124.239.193.220/
http://124.239.193.230/
https://124.239.193.214/
https://124.239.193.242/
http://124.239.193.239/
https://111.160.46.6/
https://221.10.131.85/
https://221.10.131.93/
https://221.10.131.92/
https://221.10.131.82/
http://124.239.193.218/
http://124.239.193.196/
http://124.239.193.206/
http://124.239.193.224/
http://124.239.193.226/
http://124.239.193.236/
http://124.239.193.228/
http://124.239.193.216/
http://124.239.193.194/
http://124.239.193.208/
http://124.239.193.237/
http://124.239.193.195/
http://124.239.193.207/
http://124.239.193.227/
http://124.239.193.225/
http://124.239.193.215/
http://124.239.193.235/
https://222.171.183.181/
https://60.219.151.165/
https://222.171.183.163/
https://111.160.54.34/
https://221.10.131.75/
https://221.10.131.91/
https://221.10.131.94/
https://221.10.131.87/
https://221.10.131.89/
https://221.10.131.77/
https://221.10.131.78/
https://221.10.131.88/
https://221.10.131.86/
https://221.10.131.80/
http://61.187.179.214:8888/
http://61.187.179.215:8888/
https://221.10.131.81/
https://221.10.131.79/
https://221.10.131.90/
https://221.10.131.66/
https://221.10.131.76/
https://211.137.151.196/
https://218.10.58.185/
https://221.10.46.148/
https://221.10.131.83/
http://124.239.193.201/
http://124.239.193.233/
https://124.239.193.230/

LotWan WAN optimization system:
http://218.70.87.118:8888/
https://113.204.112.123/
https://218.70.87.117/
http://113.204.112.125:8888/
https://ddk.i12371.cn/
https://218.70.87.116/
https://218.70.87.114/
http://113.204.112.122:8888/
https://113.204.112.124/
https://www.ciat.cq.cn/
https://113.204.112.126/
https://222.141.201.41/
http://222.141.201.94:8080/
https://183.129.129.34/
https://222.222.129.159/
https://123.161.204.48/
https://123.161.204.45/
https://124.94.99.35/
http://124.95.171.24:8080/
https://210.21.11.60/
https://60.23.49.251/
https://121.32.24.126/
https://120.194.238.163/
https://120.194.238.175/
https://120.194.238.173/
https://120.194.238.205/
https://120.194.238.203/
https://120.194.238.245/
https://120.194.238.185/
https://120.194.238.243/
https://120.194.238.165/
https://120.194.238.213/
https://120.194.238.171/
https://120.194.238.181/
https://120.194.238.155/
https://120.194.238.211/
https://120.194.238.242/
https://120.194.238.202/
https://120.194.238.152/
https://120.194.238.254/
https://120.194.238.144/
https://120.194.238.212/
https://120.194.238.149/
https://120.194.238.249/
https://120.194.238.169/
https://120.194.238.189/
https://120.194.238.179/
https://120.194.238.237/
https://120.194.238.147/
https://120.194.238.219/
https://120.194.238.187/
https://120.194.238.177/
https://120.194.238.239/
https://120.194.238.229/
https://120.194.238.199/
https://120.194.238.253/
https://120.194.238.168/
https://120.194.238.228/
https://120.194.238.188/
https://120.194.238.200/
https://120.194.238.248/
https://120.194.238.170/
https://120.194.238.190/
https://120.194.238.236/
https://120.194.238.176/
https://120.194.238.146/
https://120.194.238.196/
https://120.194.238.156/
https://120.194.238.230/
https://120.194.238.250/
https://120.194.238.234/
https://120.194.238.224/
https://120.194.238.192/
https://120.194.238.222/
https://120.194.238.142/
https://120.194.238.184/
https://120.194.238.198/
https://120.194.238.240/
https://120.194.238.216/
https://120.194.238.246/
https://120.194.238.151/
https://120.194.238.194/
https://synth-ip-b7e60a02.966599.com/
https://120.194.238.225/
https://120.194.238.174/
https://183.230.10.3/
https://120.194.238.162/
https://120.194.238.164/

LotBalance load balancer:
https://123.7.177.23/
http://219.139.131.140:8888/
https://123.7.177.29/
https://123.7.177.19/
https://1.192.126.31/
https://123.7.177.35/
https://123.7.177.30/
https://123.7.177.33/
https://123.7.177.32/
https://123.7.177.34/
https://123.7.177.18/
https://123.7.177.20/
https://123.7.177.16/
https://218.28.44.244/
https://218.28.44.242/
https://183.63.127.106/
https://123.7.177.27/
https://123.7.177.36/
https://jys.nyedu.net/
https://61.163.231.236/
https://www.nyedu.net/
https://218.75.54.146/
https://123.7.177.21/

Huachuang intelligent acceleration router:
http://218.28.194.190/
https://118.26.68.4/
https://124.117.212.54/
http://221.238.229.42/
http://211.103.235.166/
https://124.65.132.74/
http://118.26.68.2/
http://211.103.235.168/
https://118.26.68.7/
https://rdfzsyxx.com/
https://www.zclxx.com/
https://118.26.68.5/
https://www.rdfzsyxx.com/

Remediation:

Contact the vendor.

Copyright notice: please credit YY-2012@乌云 when reposting


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 15

Confirmed: 2015-08-12 14:38

Vendor reply:

CNVD has confirmed and reproduced the described situation, and has notified the software vendor through the contact details published on its website.

Latest status:

None yet