# 锐捷ISG 账号密码泄露漏洞

### 漏洞描述 <a href="#lou-dong-miao-shu" id="lou-dong-miao-shu"></a>

锐捷ISG 存在账号密码泄露漏洞，通过查看前端，可以获取密码的md5值, 解密后获取后台权限

### 漏洞影响 <a href="#lou-dong-ying-xiang" id="lou-dong-ying-xiang"></a>

&#x20;Note

锐捷ISG

### FOFA <a href="#fofa" id="fofa"></a>

&#x20;Note

title="RG-ISG"

### 漏洞复现 <a href="#lou-dong-fu-xian" id="lou-dong-fu-xian"></a>

登录页面如下

![](https://4279400230-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MgxNkYa2vR6HNnHdkjg%2F-Mhr29TNgN3F9wtPQQQU%2F-MhrY8DXp3UP7RrxlAai%2Fimage.png?alt=media\&token=f346dcca-fe5b-4a55-9449-40e742d1beb8)

F12 查看到账号密码

![](https://4279400230-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MgxNkYa2vR6HNnHdkjg%2F-Mhr29TNgN3F9wtPQQQU%2F-MhrYG2AmKpxmk4GdWzk%2Fimage.png?alt=media\&token=776e3a34-49cf-4f20-9edd-0353f787d2d5)

解密md5 后登陆系统

![](https://4279400230-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MgxNkYa2vR6HNnHdkjg%2F-Mhr29TNgN3F9wtPQQQU%2F-MhrYL8Ut1xxmQm9Kwav%2Fimage.png?alt=media\&token=c522bd68-d2ca-4a78-97b7-95701c194baf)