当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2016-0169752

漏洞标题:西安自来水有限公司邮箱百分之85弱口令密码

相关厂商:西安自来水有限公司

漏洞作者: 路人甲

提交时间:2016-01-19 13:50

修复时间:2016-03-06 14:18

公开时间:2016-03-06 14:18

漏洞类型:后台弱口令

危害等级:高

自评Rank:10

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2016-01-19: 细节已通知厂商并且等待厂商处理中
2016-01-22: 厂商已经确认,细节仅向厂商公开
2016-02-01: 细节向核心白帽子及相关领域专家公开
2016-02-11: 细节向普通白帽子公开
2016-02-21: 细节向实习白帽子公开
2016-03-06: 细节向公众公开

简要描述:

详细说明:

最近回西安了,没事干就随便玩下。
**.**.**.**/

1.png


wuyinan	302
gongchengbu 302
jiaoxiaogang 302
nanjiaoshuichang 302
wm_checkcenter 302
wangfenglin 302
yonghufazhanbu 302
gisuser 302
testuser 302
anquanguanlibu 302
baoweibu 302
install_center 302
install_north 302
caiwubu 302
caiwenli 302
caoquanling 302
changruyi 302
chenrong 302
chengcheng 302
dailiqiong 302
dangwei 302
dangzongzhi 302
diaodushi 302
dongtao 302
duyun 302
ercigongshui 302
fanwentao 302
fengxiaoqin 302
fuyin 302
gaozhaohui 302
gonghui 302
pnd_north 302
pnd_center 302
pnd_east 302
pnd_south 302
pnd_west 302
guogang 302
guojin 302
guorui 302
guoxiaogang 302
guoxinchao 302
hanqiang 302
hanwei 302
hanzhong 302
hejinping 302
heshan 302
heyufeng 302
houlixin 302
hubiaogaizaoban 302
huangbingxing 302
huangxinhui 302
huichenggongsi 302
huixiangli 302
jichadui 302
jihuajingyingbu 302
jiwei 302
jishubu 302
jiaxiangli 302
jiangheli 302
jingliban 302
kefubu 302
kongfanji 302
laohuaguanwang 302
ligaofeng 302
lijianbing 302
lijianmei 302
lilinpeng 302
liling 302
lishuangxi 302
litao 302
lixiao 302
liyanhong 302
liyijun 302
liyinhu 302
liyongjun 302
lizhongsheng 302
linjie 302
liuchunping 302
liujia 302
liukunshan 302
liusanhou 302
liuwen 302
liuzhen 302
lulei 302
luoweiguo 302
maxiaochen 302
mading 302
maguozeng 302
mapingan 302
maxiaofang 302
mengjun 302
miaojie 302
install_south 302
nengyuanjiliangbu 302
niuxiping 302
panjicheng 302
qinyong 302
qujiangshuichang 302
quanyuzhou 302
renliziyuan 302
renyi 302
sanchang 302
shaojie 302
shebeibu 302
shenjishi 302
shengchanyunxingbu 302
controlcenter 302
shihongzhi 302
shuixie 302
sichang 302
sichenglianchuang 302
sunzhaohui 302
sunyaolin 302
ue_admin 302
ue_manager 302
ue_minister 302
ue_staff 302
addusertest 302
wangbing 302
wangfeng 302
wangfenghui 302
wangfuping 302
wanggewei 302
wangguian 302
wanghongping 302
wangjiaming 302
wangjianli 302
wangjunfeng 302
wanglei 302
wangli 302
wangpeng 302
wangrui 302
wangshangyun 302
wangtong 302
wangwenzhao 302
wangxu 302
wangyi 302
wangyuhua 302
weimingrui 302
wuqiaorong 302
wuchang 302
wuzibu 302
xazls05 302
xiahui 302
xinxin 302
xingzhengshiyebu 302
xujianrong 302
xuanchuanbu 302
xuechangan 302
xuening 302
yanjun 302
yangchen 302
yangjianqing 302
yangjiehua 302
yangjin 302
yangyan 302
yaoyanping 302
sd_north 302
sd_center 302
sd_east 302
sd_south 302
sd_west 302
yuanjunzheng 302
zengjun 302
zhaishaoke 302
zhangduo 302
zhanggang 302
zhanghongshao 302
zhanghua 302
zhangmingsheng 302
zhangshaofeng 302
zhangtao 302
zhangxiaoping 302
zhangxu 302
zhangyan 302
zhangyongjun 302
zhangzhankui 302
zhaogang 302
zhaojinya 302
zhengzhibu 302
zhongaiqing 302
zhouyali 302


密码都是123456

漏洞证明:

最近回西安了,没事干就随便玩下。
**.**.**.**/

1.png


wuyinan	302
gongchengbu 302
jiaoxiaogang 302
nanjiaoshuichang 302
wm_checkcenter 302
wangfenglin 302
yonghufazhanbu 302
gisuser 302
testuser 302
anquanguanlibu 302
baoweibu 302
install_center 302
install_north 302
caiwubu 302
caiwenli 302
caoquanling 302
changruyi 302
chenrong 302
chengcheng 302
dailiqiong 302
dangwei 302
dangzongzhi 302
diaodushi 302
dongtao 302
duyun 302
ercigongshui 302
fanwentao 302
fengxiaoqin 302
fuyin 302
gaozhaohui 302
gonghui 302
pnd_north 302
pnd_center 302
pnd_east 302
pnd_south 302
pnd_west 302
guogang 302
guojin 302
guorui 302
guoxiaogang 302
guoxinchao 302
hanqiang 302
hanwei 302
hanzhong 302
hejinping 302
heshan 302
heyufeng 302
houlixin 302
hubiaogaizaoban 302
huangbingxing 302
huangxinhui 302
huichenggongsi 302
huixiangli 302
jichadui 302
jihuajingyingbu 302
jiwei 302
jishubu 302
jiaxiangli 302
jiangheli 302
jingliban 302
kefubu 302
kongfanji 302
laohuaguanwang 302
ligaofeng 302
lijianbing 302
lijianmei 302
lilinpeng 302
liling 302
lishuangxi 302
litao 302
lixiao 302
liyanhong 302
liyijun 302
liyinhu 302
liyongjun 302
lizhongsheng 302
linjie 302
liuchunping 302
liujia 302
liukunshan 302
liusanhou 302
liuwen 302
liuzhen 302
lulei 302
luoweiguo 302
maxiaochen 302
mading 302
maguozeng 302
mapingan 302
maxiaofang 302
mengjun 302
miaojie 302
install_south 302
nengyuanjiliangbu 302
niuxiping 302
panjicheng 302
qinyong 302
qujiangshuichang 302
quanyuzhou 302
renliziyuan 302
renyi 302
sanchang 302
shaojie 302
shebeibu 302
shenjishi 302
shengchanyunxingbu 302
controlcenter 302
shihongzhi 302
shuixie 302
sichang 302
sichenglianchuang 302
sunzhaohui 302
sunyaolin 302
ue_admin 302
ue_manager 302
ue_minister 302
ue_staff 302
addusertest 302
wangbing 302
wangfeng 302
wangfenghui 302
wangfuping 302
wanggewei 302
wangguian 302
wanghongping 302
wangjiaming 302
wangjianli 302
wangjunfeng 302
wanglei 302
wangli 302
wangpeng 302
wangrui 302
wangshangyun 302
wangtong 302
wangwenzhao 302
wangxu 302
wangyi 302
wangyuhua 302
weimingrui 302
wuqiaorong 302
wuchang 302
wuzibu 302
xazls05 302
xiahui 302
xinxin 302
xingzhengshiyebu 302
xujianrong 302
xuanchuanbu 302
xuechangan 302
xuening 302
yanjun 302
yangchen 302
yangjianqing 302
yangjiehua 302
yangjin 302
yangyan 302
yaoyanping 302
sd_north 302
sd_center 302
sd_east 302
sd_south 302
sd_west 302
yuanjunzheng 302
zengjun 302
zhaishaoke 302
zhangduo 302
zhanggang 302
zhanghongshao 302
zhanghua 302
zhangmingsheng 302
zhangshaofeng 302
zhangtao 302
zhangxiaoping 302
zhangxu 302
zhangyan 302
zhangyongjun 302
zhangzhankui 302
zhaogang 302
zhaojinya 302
zhengzhibu 302
zhongaiqing 302
zhouyali 302


密码都是123456

修复方案:

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:中

漏洞Rank:8

确认时间:2016-01-22 22:26

厂商回复:

CNVD确认所述情况,已经由CNVD通过网站公开联系方式向网站管理单位通报。

最新状态:

暂无