CVE-2021-1472 PoC — Cisco Small Business RV Series Routers 授权问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-1472.yaml

Associated Vulnerability

Title:Cisco Small Business RV Series Routers 授权问题漏洞 (CVE-2021-1472)
Description:Cisco Small Business RV Series Routers是美国思科（Cisco）公司的一款RV系列路由器。 Cisco Small Business RV Series Routers 存在授权问题漏洞，远程攻击者可利用该漏洞可以执行任意命令或绕过身份验证并在受影响的设备上上传文件。

Description

Cisco Small Business RV Series routers RV16X/RV26X versions 1.0.01.02 and before and RV34X versions 1.0.03.20 and before contain multiple OS command injection vulnerabilities in the web-based management interface. A remote attacker can execute arbitrary OS commands via the sessionid cookie or bypass authentication and upload files on an affected device.

File Snapshot


 id: CVE-2021-1472

info:
  name: Cisco Small Business RV Series - OS Command Injection
  author: gy7

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!