Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-9554 PoC — Synology DiskStation Manager 信息泄露漏洞

Source
https://github.com/Ez0-yf/CVE-2017-9554-Exploit-Tool
Associated Vulnerability
Title:Synology DiskStation Manager 信息泄露漏洞 (CVE-2017-9554)
Description:An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors.
Description
CVE-2017-9554 Exploit Tool
Readme
# CVE-2017-9554-Exploit-Tool
CVE-2017-9554 Exploit Tool

Synology DiskStation Manager (DSM) < 6.1.3-15152 - 'forget_passwd.cgi' User Enumeration EXPLOIT Tool  
Exploit Author : Steve Kaun  
Exploit Tool Author : Ez0-yf  
Vendor Homepage : https://www.synology.com  
Version : Before 6.1.3-15152  
CVE : CVE-2017-9554
File Snapshot

 [4.0K]  /data/pocs/ae0f2ff16fc990ac9b484068c4b1d6042e2838db
├── [ 319]  README.md
├── [  20]  ref2.txt
├── [  57]  ref.txt
├── [1.6K]  request.py
├── [  20]  text.txt
├── [   1]  win.txt
├── [  39]  wordlist1.txt
└── [813K]  wordlist2.txt

0 directories, 8 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →