CVE-2023-31861: CVE-ZLMediaKit/README.md at main · nbb651/CVE-ZLMediaKit

ZLMediaKit 4.0 is vulnerable to Directory Traversal.


CVE ID: CVE-2023-31861

ZLMediaKit has a Directory Traversal vulnerability

ZLMediaKit is a high-performance, production-grade streaming media service framework based on C++11, widely used in mobile and embedded cross-platform cameras and other applications.

GitHub address: https://github.com/ZLMediaKit/ZLMediaKit

Cyberspace asset mapping (Hunter search): https://hunter.qianxin.com/list?search=web.title%3D%22%E6%96%87%E4%BB%B6%E7%B4%A2%E5%BC%95%22

As the search results show, many websites are running ZLMediaKit.

After testing, I found that there is a Directory Traversal vulnerability in ZLMediaKit that attackers can use to obtain sensitive user information and perform malicious operations, including viewing surveillance camera images.

Vulnerability reproduction process:

Note: the /snap/ and /webrtc/ directories of an affected site expose sensitive information.

For example:

1. http://boluomee.com/readme/ http://boluomee.com/snap/ http://boluomee.com/webrtc/

2. http://139.224.8.4:28080/readme/ http://139.224.8.4:28080/snap/ http://139.224.8.4:28080/webrtc/

3. http://139.155.24.130:8091/readme/ http://139.155.24.130:8091/snap/ http://139.155.24.130:8091/webrtc/

4. http://101.132.75.243:9094/readme/ http://101.132.75.243:9094/snap/ http://101.132.75.243:9094/webrtc/

5. http://113.16.167.137:3009/readme/ http://113.16.167.137:3009/snap/ http://113.16.167.137:3009/webrtc/

Remediation suggestions:

Add access control for directories at every level and add permission-verification code, so that users must log in before they can access any directory.
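As an added illustration of the remediation above (example code written for this page, not ZLMediaKit's own HTTP handler or API), the C++ below shows the two checks a web root handler needs before it serves anything: percent-decode and lexically normalise the requested URL path, refuse any path that climbs above the web root, and require an authenticated session before serving the /snap/ and /webrtc/ trees or any directory listing at all. The Request struct, the Decision values and the protected-directory list are assumptions made for this example; a real deployment would run the same check in the server's request dispatch before the path ever reaches the filesystem.

```cpp
#include <cctype>
#include <iostream>
#include <string>
#include <string_view>
#include <vector>

// Hypothetical request context: what a streaming server's HTTP layer knows
// about the caller. Example types only, not ZLMediaKit's own.
struct Request {
    std::string path;     // URL path exactly as received, e.g. "/snap/../config.ini"
    bool authenticated;   // true once the session has logged in
};

enum class Decision { Allow, DenyTraversal, DenyUnauthenticated, DenyListing };

// Directory trees that hold per-user material (camera snapshots, WebRTC
// session pages). Constructed for this example from the advisory's findings.
static const std::vector<std::string> kProtectedDirs = {"/snap", "/webrtc"};

// Decode %XX escapes so that encoded dots ("%2e%2e") are normalised exactly
// like literal ones. Malformed escapes are passed through unchanged.
std::string percent_decode(std::string_view in) {
    std::string out;
    for (size_t i = 0; i < in.size(); ++i) {
        if (in[i] == '%' && i + 2 < in.size() &&
            std::isxdigit(static_cast<unsigned char>(in[i + 1])) &&
            std::isxdigit(static_cast<unsigned char>(in[i + 2]))) {
            out.push_back(static_cast<char>(
                std::stoi(std::string(in.substr(i + 1, 2)), nullptr, 16)));
            i += 2;
        } else {
            out.push_back(in[i]);
        }
    }
    return out;
}

// Lexically resolve "." and ".." segments without touching the filesystem.
// Returns an empty string when the path would climb above the web root.
// A trailing "/" is kept so the caller can tell a directory from a file.
std::string safe_path(const std::string& url_path) {
    std::string decoded = percent_decode(url_path);
    for (char& c : decoded) if (c == '\\') c = '/';   // backslash counts as a separator too
    std::vector<std::string> segs;
    bool is_dir = false;
    size_t i = 0;
    while (i <= decoded.size()) {
        size_t j = decoded.find('/', i);
        if (j == std::string::npos) j = decoded.size();
        std::string seg = decoded.substr(i, j - i);
        if (j == decoded.size()) is_dir = seg.empty() || seg == "." || seg == "..";
        if (seg == "..") {
            if (segs.empty()) return "";          // attempt to escape above the root
            segs.pop_back();
        } else if (!seg.empty() && seg != ".") {
            segs.push_back(seg);
        }
        i = j + 1;
    }
    std::string out = "/";
    for (size_t k = 0; k < segs.size(); ++k) {
        out += segs[k];
        if (k + 1 < segs.size()) out += "/";
    }
    if (!segs.empty() && is_dir) out += "/";
    return out;
}

// True when `path` is `dir` itself or lies somewhere beneath it.
static bool under(const std::string& path, const std::string& dir) {
    return path == dir || path.compare(0, dir.size() + 1, dir + "/") == 0;
}

// The access-control gate: traversal is rejected for everyone; protected
// trees and directory listings require a logged-in session.
Decision authorize(const Request& req) {
    std::string path = safe_path(req.path);
    if (path.empty()) return Decision::DenyTraversal;
    bool is_listing = path.back() == '/';
    if (!req.authenticated) {
        for (const auto& dir : kProtectedDirs)
            if (under(path, dir)) return Decision::DenyUnauthenticated;
        if (is_listing) return Decision::DenyListing;
    }
    return Decision::Allow;
}

const char* describe(Decision d) {
    switch (d) {
        case Decision::Allow:              return "allow";
        case Decision::DenyTraversal:      return "deny: path escapes web root";
        case Decision::DenyUnauthenticated: return "deny: login required for this directory";
        case Decision::DenyListing:        return "deny: login required for directory listings";
    }
    return "unknown";
}

int main() {
    // Constructed sample requests: an anonymous listing, an encoded traversal,
    // and a logged-in user fetching a snapshot.
    const Request samples[] = {{"/snap/", false},
                               {"/snap/%2e%2e/%2e%2e/config.ini", true},
                               {"/snap/cam1.jpeg", true}};
    for (const auto& r : samples)
        std::cout << r.path << " -> " << describe(authorize(r)) << '\n';
    return 0;
}
```

The order matters: decoding and normalisation happen first, so an encoded "..", a backslash or a "/snap/." form all reach the authorisation step as the same canonical path, and the directory check applies to the tree as a whole rather than to one spelling of its name.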
