首页 » 漏洞 » 迅雷某MySQL Server可远程登录(root)

迅雷某MySQL Server可远程登录(root)

 

code 区域
Host: 121.10.120.242

User: root

Pass: sd-9******

漏洞证明:

code 区域
mysql> show databases;

+---------------------------+

| Database |

+---------------------------+

| BugReport |

| DLDailyDefault |

| DLDailyTel |

| GlobalConfig |

| NormalDistributeDefault |

| NormalDistributeTel |

| PCCanDownloadCheck |

| PCMobileSpeed |

| PingServer |

| UrlListDB |

| YunTest |

| daniel |

| download_dev |

| hpf_test |

| mysql |

| test |

| test1 |

| test2 |

| testMobileThunderDownload |

| xxxxxxx |

+---------------------------+

20 rows in set (0.06 sec)

迅雷某MySQL Server可远程登录(root)

修复方案:

建议: 修改密码,通过白名单限定可远程登录的IP

原文链接:迅雷某MySQL Server可远程登录(root),转载请注明来源!

0