CVE-2020-35713 PoC — Belkin LINKSYS RE6500 操作系统命令注入漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-35713.yaml

Associated Vulnerability

Title:Belkin LINKSYS RE6500 操作系统命令注入漏洞 (CVE-2020-35713)
Description:Belkin LINKSYS RE6500是美国Belkin公司的一款无线路由器。 Belkin LINKSYS RE6500 devices 1.0.012.001之前版本存在操作系统命令注入漏洞，该漏洞允许远程攻击者可利用该漏洞通过shell元字符在goform setSysAdm页面上执行任意命令或设置新密码。

Description

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.

File Snapshot


 id: CVE-2020-35713

info:
  name: Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution
  au

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!