CVE-2021-42071 PoC — Ax-Solutions Visual Tools Dvr Vx16 操作系统命令注入漏洞

Source

https://github.com/adubaldo/CVE-2021-42071

Associated Vulnerability

Title:Ax-Solutions Visual Tools Dvr Vx16 操作系统命令注入漏洞 (CVE-2021-42071)
Description:Ax-Solutions Visual Tools Dvr Vx16是美国Ax-Solutions公司的一种视频监控系统。用于图像分析。 Ax-Solutions Visual Tools DVR VX16 4.2.28.0 中存在操作系统命令注入漏洞，未经身份验证的攻击者可以通过 cgi-bin/slogin/login.py Uaer-Agent HTTP 标头中的 shell 元字符实现远程命令执行。

Description

In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py User-Agent HTTP header.

File Snapshot


 [4.0K]  /data/pocs/834527de29c90ad1c9efd21f052997c9246bf454

0 directories, 0 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!