关联漏洞
标题:
N/A
(CVE-2024-57778)
描述:Orbe ONetView Reader Onet-1200 Orbe 1680210096 存在一个问题,允许远程攻击者通过服务器响应将状态码从 500 更改为状态码 200 来提升权限。
描述
An issue in Orbe ONetView Roteador Onet-1200 Orbe 1680210096 allows a remote attacker to escalate privileges via the servers response from status code 500 to status code 200
介绍
# CVE-2024-57778
**Description**: An issue in Orbe ONetView Roteador Onet-1200 allows a remote attacker to escalate privileges via the servers response from status code 500 to status code 200.
**Versions**: Discovered in Orbe ONetView Roteador Onet-1200 Orbe 1680210096, but applicable to all versions up to.
## Proof of Concept
When accessing the router's menu page at http://192.168.1.1/menu.html and clicking on any option, a 500 error code will be displayed:
After this, we can activate Burp Suite to capture the application's response. Then, by accessing http://192.168.1.1/menu.html again and triggering the error, we can change the code to 200:
With this, we gain access to the configuration page:
Now, with full access to the router, you can enable or disable features, modify settings, and perform other administrative tasks as needed.
文件快照
[4.0K] /data/pocs/f0c3253486ad40c64cd4e620ff5d36dd966c56af
└── [1.1K] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。