{"id":10046,"date":"2017-10-23T14:19:24","date_gmt":"2017-10-23T22:19:24","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/10\/23\/news-3819\/"},"modified":"2017-10-23T14:19:24","modified_gmt":"2017-10-23T22:19:24","slug":"news-3819","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/10\/23\/news-3819\/","title":{"rendered":"SSD Advisory \u2013 ZTE ZXR10 Router Multiple Vulnerabilities"},"content":{"rendered":"<p><strong>Credit to Author: SSD \/ Maor Schwartz| Date: Mon, 23 Oct 2017 10:35:08 +0000<\/strong><\/p>\n<div class=\"entry-content\">\n<p><strong>Want to get paid for a vulnerability similar to this one?<\/strong><br \/>Contact us at: <a href=\"mailto:sxsxd@bxexyxoxnxdxsxexcxuxrxixtxy.com\" onmouseover=\"this.href=this.href.replace(\/x\/g,'');\" id=\"a-href-3495\">sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom<\/a><br \/><script>var obj = jQuery('#a-href-3495');if(obj[0]) { obj[0].innerText = obj[0].innerText.replace(\/x\/g, ''); }<\/script> See our full scope at: <a href=\"https:\/\/blogs.securiteam.com\/index.php\/product_scope\">https:\/\/blogs.securiteam.com\/index.php\/product_scope<\/a><\/p>\n<div class=\"pf-content\">\n<p><strong>Vulnerabilities summary<\/strong><br \/> The following advisory describes five (5) vulnerabilities found in ZTE ZXR10 Router.<\/p>\n<p>ZXR10 ZSR V2 series router is &#8220;the next generation intelligent access router product of ZTE, which integrates routing, switching, wireless, security, and VPN gateway. The product adopts industry-leading hardware platform and software architecture to provide an intelligent and flexible platform for building efficient, reliable, flexible, and maintainable enterprise intelligence networks.&#8221;<\/p>\n<p>The vulnerabilities found are:<\/p>\n<ul>\n<li>Hard-coded credentials<\/li>\n<li>Arbitrary file upload<\/li>\n<li>Authentication bypass<\/li>\n<li>Arbitrary file read<\/li>\n<li>Unauthorized configuration file download<\/li>\n<\/ul>\n<p><strong>Credit<\/strong><br \/> An independent security researcher has reported this vulnerability to Beyond Security\u2019s SecuriTeam Secure Disclosure program.<\/p>\n<p><strong>Vendor response<\/strong><br \/> The vendor has released patches to address these vulnerabilities.<\/p>\n<p>For more details: http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-10931<\/p>\n<p>CVE: CVE-2017-10931<\/p>\n<p><span id=\"more-3495\"><\/span><\/p>\n<p><strong><u>Vulnerabilities details<\/u><\/strong><br \/> <strong>Hard-coded credentials<\/strong><br \/> Username: who<br \/> Password: who<\/p>\n<p>Username: zte<br \/> Password: zte<\/p>\n<p>Username: ncsh<br \/> Password: ncsh<\/p>\n<p><strong>Arbitrary file upload<\/strong><br \/> A user that has logged in can upload malicious configuration file.<\/p>\n<p>Usually, when a user tries to upload a file via web interface (&#8220;System Maintenance -> Configuration Management -> Loads specified system configuration&#8221; web interface) there is a limit to which  filename can be used.<\/p>\n<p><a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE1.jpg\" data-slb-active=\"1\" data-slb-asset=\"1983333026\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE1-300x153.jpg\" alt=\"\" width=\"300\" height=\"153\" class=\"alignnone size-medium wp-image-3496\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE1-300x153.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE1-768x392.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE1.jpg 806w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>The filename limitation is forced by the web interface (front-end), by modifying the POST request using proxy (burp for example):<\/p>\n<p><a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE2.jpg\" data-slb-active=\"1\" data-slb-asset=\"1029430480\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE2-300x140.jpg\" alt=\"\" width=\"300\" height=\"140\" class=\"alignnone size-medium wp-image-3497\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE2-300x140.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE2-768x357.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE2-1024x476.jpg 1024w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE2.jpg 1219w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>We can bypass this restriction. <\/p>\n<p>In addition, after we uploaded a file, we can modify the startrun.dat to startrun.txt.<\/p>\n<p>We can do that by going to System Maintenance -> Configuration Management -> Back up system settings and send the following POST request:<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE3.jpg\" data-slb-active=\"1\" data-slb-asset=\"491639268\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE3-300x80.jpg\" alt=\"\" width=\"300\" height=\"80\" class=\"alignnone size-medium wp-image-3498\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE3-300x80.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE3-768x204.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE3.jpg 877w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><strong>Authentication bypass<\/strong><br \/> One of the ways ZTE ZXR10 web server distinguish between Administrator and regular user is by adding in the user cookie &#8216;authority&#8217; parameter. <\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-59ee6aec2f0ad149255436\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> authority=2 for Admin  authority=1 for User<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">  \t\t\t\t  \t\t\t<\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0003 seconds] -->  <\/p>\n<p>Admin<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE4.jpg\" data-slb-active=\"1\" data-slb-asset=\"1438460305\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE4-300x56.jpg\" alt=\"\" width=\"300\" height=\"56\" class=\"alignnone size-medium wp-image-3499\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE4-300x56.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE4-768x145.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE4-1024x193.jpg 1024w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE4.jpg 1131w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>User<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE5.jpg\" data-slb-active=\"1\" data-slb-asset=\"1724896508\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE5-300x47.jpg\" alt=\"\" width=\"300\" height=\"47\" class=\"alignnone size-medium wp-image-3500\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE5-300x47.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE5-768x122.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE5-1024x162.jpg 1024w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE5.jpg 1257w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>A user can only view the basic information:<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE6-1.jpg\" data-slb-active=\"1\" data-slb-asset=\"1796310923\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE6-1-300x143.jpg\" alt=\"\" width=\"300\" height=\"143\" class=\"alignnone size-medium wp-image-3502\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE6-1-300x143.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE6-1-768x365.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE6-1-1024x487.jpg 1024w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE6-1.jpg 1288w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>If a user will edit the content of the cookie (&#8216;authority&#8217; parameter) he could log as an administrator:<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE7.jpg\" data-slb-active=\"1\" data-slb-asset=\"899479867\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE7-273x300.jpg\" alt=\"\" width=\"273\" height=\"300\" class=\"alignnone size-medium wp-image-3503\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE7-273x300.jpg 273w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE7.jpg 626w\" sizes=\"auto, (max-width: 273px) 100vw, 273px\" \/><\/a><\/p>\n<p>We will refresh the page and page see that we logged as administrator. Now we can download the configuration file the the list of users and passwords:<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE8.jpg\" data-slb-active=\"1\" data-slb-asset=\"1118153397\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE8-300x98.jpg\" alt=\"\" width=\"300\" height=\"98\" class=\"alignnone size-medium wp-image-3504\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE8-300x98.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE8.jpg 554w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><strong>Arbitrary file read<\/strong><br \/> An authenticated user can send a ping from the web interface (System Maintenance -> Diagnostic Tools).<\/p>\n<p>The GET request is vulnerable and can be modify to read the arbitrary files.<\/p>\n<p>Successful exploitation of this vulnerability enables a remote authenticated user to read the content of any file existing on the host, this includes files located outside of the web root folder.<\/p>\n<p>Original GET request:<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE9.jpg\" data-slb-active=\"1\" data-slb-asset=\"1259807435\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE9-300x130.jpg\" alt=\"\" width=\"300\" height=\"130\" class=\"alignnone size-medium wp-image-3505\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE9-300x130.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE9-768x332.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE9.jpg 941w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>Modified request:<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE10.jpg\" data-slb-active=\"1\" data-slb-asset=\"1552413701\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE10-300x121.jpg\" alt=\"\" width=\"300\" height=\"121\" class=\"alignnone size-medium wp-image-3506\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE10-300x121.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE10-768x309.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE10-1024x412.jpg 1024w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE10.jpg 1239w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>Server response:<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE11.jpg\" data-slb-active=\"1\" data-slb-asset=\"480550315\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE11-300x96.jpg\" alt=\"\" width=\"300\" height=\"96\" class=\"alignnone size-medium wp-image-3507\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE11-300x96.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE11-768x247.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE11-1024x329.jpg 1024w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE11.jpg 1426w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><strong>Unauthorized configuration file download<\/strong><br \/> Users do not have permission to download the configuration file. <\/p>\n<p>By sending the following POST request, any logged user can download the configuration file:<br \/> <a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE12.jpg\" data-slb-active=\"1\" data-slb-asset=\"1853110640\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE12-300x77.jpg\" alt=\"\" width=\"300\" height=\"77\" class=\"alignnone size-medium wp-image-3508\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE12-300x77.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE12-768x197.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE12-1024x262.jpg 1024w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE12.jpg 1489w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>replace the SESSIONID to the current login value, note that, authotiry no need to change, and then successfully download the configuration file:<\/p>\n<p><a href=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE13.jpg\" data-slb-active=\"1\" data-slb-asset=\"471677580\" data-slb-internal=\"0\" data-slb-group=\"3495\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE13-300x141.jpg\" alt=\"\" width=\"300\" height=\"141\" class=\"alignnone size-medium wp-image-3509\" srcset=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE13-300x141.jpg 300w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE13-768x360.jpg 768w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE13-1024x481.jpg 1024w, https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE13.jpg 1519w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<div class=\"printfriendly pf-alignleft\"><a href=\"#\" rel=\"nofollow\" onclick=\"window.print(); return false;\" class=\"noslimstat\" title=\"Printer Friendly, PDF &#038; Email\"><img decoding=\"async\" style=\"border:none;-webkit-box-shadow:none; box-shadow:none;\" src=\"https:\/\/cdn.printfriendly.com\/buttons\/printfriendly-button.png\" alt=\"Print Friendly, PDF &#038; Email\" \/><\/a><\/div>\n<\/div><\/div>\n<p><a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3495\" target=\"bwo\" >https:\/\/blogs.securiteam.com\/index.php\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/blogs.securiteam.com\/wp-content\/uploads\/2017\/10\/ZTE1-300x153.jpg\"\/><\/p>\n<p><strong>Credit to Author: SSD \/ Maor Schwartz| Date: Mon, 23 Oct 2017 10:35:08 +0000<\/strong><\/p>\n<p>Vulnerabilities summary The following advisory describes five (5) vulnerabilities found in ZTE ZXR10 Router. ZXR10 ZSR V2 series router is &#8220;the next generation intelligent access router product of ZTE, which integrates routing, switching, wireless, security, and VPN gateway. The product adopts industry-leading hardware platform and software architecture to provide an intelligent and flexible platform for &#8230; <a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3495\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">SSD Advisory \u2013 ZTE ZXR10 Router Multiple Vulnerabilities<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10754],"tags":[11591,16041,10757,12686],"class_list":["post-10046","post","type-post","status-publish","format-standard","hentry","category-independent","category-securiteam","tag-file-disclosure","tag-hard-coded-password","tag-securiteam-secure-disclosure","tag-unrestricted-file-upload"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10046","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10046"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10046\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10046"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10046"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10046"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}