A weak zabbix password in CNTV causes 16 Intranet servers to execute commands
The weak zabbix password of CNTV is harmful to everyone. However, since cntv has deployed CDN, I will not tell you the specific IP address, that is, in 115. 182. *. 75.
115.182.9.75
Zabbix of CCTV proves:
Weak Password: Admin zabbix
After logging in, check that there are 16 hosts.
You can run the command to modify the command to be executed.
For example, I Want To view/etc/passwd and change it to cat/etc/passwd.
Then you can run the command
However, permission control should be implemented, and some commands cannot be executed, but most of them are still acceptable, causing great harm.
Weak Password: Admin zabbix
After logging in, check that there are 16 hosts.
You can run the command to modify the command to be executed.
For example, I Want To view/etc/passwd and change it to cat/etc/passwd.
Then you can run the command
However, permission control should be implemented, and some commands cannot be executed, but most of them are still acceptable, causing great harm.
Solution:
Modify weak passwords.