漏洞简介
D-Link DCS-2200是一款监控摄像机,成像色彩为彩色 是一款网络摄像机,
根据VULDB 所看到的信息原文如下
A vulnerability, which was classified as problematic, was found in D-Link DCS-2530L and DCS-2670L (the affected version unknown). This affects some unknown processing of the file /config/getuser. The manipulation with an unknown input leads to a information disclosure vulnerability (Password). CWE is classifying the issue as CWE-200. This is going to have an impact on confidentiality. The summary by CVE is:
通过原文大概意思可以总结为:
D-Link DCS系列 通过访问特定的URL可以得到账号密码信息,攻击方可以
直接进入利用漏洞得到账户密码直接进入后台
漏洞复现
fofa语句
app=“D_Link-DCS-2530L”
name=admin
pass=2272lizs
成功进入可以看到一些实时图像
版权声明:本文为weixin_51387754原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。