Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-28150 PoC — Hongdian H8922 输入验证错误漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-28150.yaml
Associated Vulnerability
Title:Hongdian H8922 输入验证错误漏洞 (CVE-2021-28150)
Description:Hongdian H8922是中国Hongdian公司的一个路由器。 Hongdian H8922 3.0.5 devices 存在安全漏洞,该漏洞允许非特权用户通过backup2.cgi读取cli.conf(带有管理员密码和其他敏感数据)。
Description
Hongdian H8922 3.0.5 is susceptible to information disclosure. An attacker can access cli.conf (with the administrator password and other sensitive data) via /backup2.cgi and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
File Snapshot

 id: CVE-2021-28150

info:
  name: Hongdian H8922 3.0.5 - Information Disclosure
  author: gy741
  se

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.