漏洞关键信息 漏洞标题: ReQuest Serious Play F3 Media Server 7.0.3 - Remote Denial of Service EDB-ID: 48951 CVE: N/A 作者: LiquidWorm 类型: WEBAPPS 平台: HARDWARE 日期: 2020-10-26 受影响的应用: ReQuest Serious Play F3 Media Server 漏洞描述 影响版本: - 7.0.3.4968 (Pro) - 7.0.2.4954 - 6.5.2.4954 - 6.4.2.4681 - 6.3.2.4203 - 2.0.1.823 问题描述: 设备可以通过发送一个HTTP GET请求被未认证的攻击者关机或重启。 已测试环境: - ReQuest Serious Play O/S v7.0.1 - ReQuest Serious Play O/S v6.0.0 - Debian GNU/Linux 5.0 - Linux 3.2.0-4-686-pae - Linux 2.6.36-request+lenny.5 - Apache/2.2.22 - Apache/2.2.9 - PHP/5.4.45 - PHP/5.2.6-1 漏洞发现者 Gjoko 'LiquidWorm' Krstic Macedonian Information Security Research and Development Laboratory Zero Science Lab - https://www.zeroscience.mk 建议ID和URL 建议ID: ZSL-2020-5601 建议URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5601.php 漏洞利用示例