Secustion Camera Vulnerability Recurrence
Last updated
Last updated
Secustion Camera Vulnerability Recurrence
First, let's go to the target landing page
Enter admin password for the account
Then we use burpsuite to capture packets and intercept echoes
This is the echo package of the target
Next, we make modifications and release the data package
Change the echo package content to this and release
HTTP/1.0 200 OK
Content-Type:text/html
var check="1";
var authLevel ="255";
The login success prompt appears
Next, we read the administrator's plaintext password
Click this function node and perform packet capture interception echo
Then we saw the correct plaintext password of the administrator in the echo package
This vulnerability affects known product versions
V2.5.5.3116-S50-SMA-B20171107A,
V2.3.4.1301-M20-TSA-B20150617A, V2.5.5.3116-S50-RXA-B20180502A,
V2.5.5.3116-S50-SMA-B20190723A, V2.5.5.3116-S50-SMB-B20161012A,
V2.3.4.2103-S50-NTD-B20170508B, V2.5.5.3116-S50-SMB-B20160601A,
V2.5.5.2601-S50-TSA-B20151229A, and V2.5.5.3116-S50-SMA-B20170217.