©20 "Copyright Yamaha Corporation Visit"

• SHDB
• 636 阅读

• 日期：2021-10-05
• 类别：
  • Various Online Devices
• 作者：MiningOmerta
• 语法：©20 "Copyright Yamaha Corporation Visit"

• # Google Dork: ©20 "Copyright Yamaha Corporation Visit"
  # Various Online Devices
  # Date: 28/09/2021
  # Exploit Author: MiningOmerta

  This dorks finds Yamaha Systems that can be controlled and configured remotely. Unauthenticated access to various Yamaha devices. While unauthenticated (no prompt for authentication), one has the ability to upload firmware, remotely interact with devices from the URL (http://ip.addr/index.html?zone=0&foo=1), alter network and name settings, AirPlay and wifi password disclosure, change network settings to something other than they are, dissect firmware via backup, etc. There is also disclosure of the device’s internal IP address in the network settings.