关联漏洞
Description
Analyzing and Reproducing the Command Injection Vulnerability (CVE-2023-0861) in NetModule Routers
介绍
### Analyzing and Reproducing the Command Injection Vulnerability (CVE-2023-0861) in NetModule Routers
NetModule is an Original Equipment Manufacturer (OEM) of industrial grade routers that are commonly used in critical
infrastructure and industrial control systems. On February 24th, 2023, ONEKEY, a security research firm, released a security
advisory disclosing a vulnerability that affect 9 NetModule routers. The vulnerability were identified within the web
management interface and allow authenticated users to execute arbitrary commands with elevated privileges.
As an individual interested in IoT security and firmware analysis, I find it valuable to review the entire reproduction process of
reported vulnerabilities and In the pursuit of expanding my knowledge and skills, I took it upon myself to reproduce the
disclosed vulnerability.
文件快照
[4.0K] /data/pocs/e026ab344347e1fe78c2ef1fea4e3a0373ea483c
├── [222K] Analyzing and Reproducing the Command Injection Vulnerability (CVE-2023-0861) in NetModule Routers.pdf
├── [1.1K] PoC-CVE-2023-0861.py
└── [ 848] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →