|
59107 | 59107 | "session_types": false, |
59108 | 59108 | "needs_cleanup": null |
59109 | 59109 | }, |
| 59110 | + "exploit_linux/http/geutebruck_instantrec_bof": { |
| 59111 | + "name": "Geutebruck instantrec Remote Command Execution", |
| 59112 | + "fullname": "exploit/linux/http/geutebruck_instantrec_bof", |
| 59113 | + "aliases": [ |
| 59114 | + |
| 59115 | + ], |
| 59116 | + "rank": 600, |
| 59117 | + "disclosure_date": "2021-07-08", |
| 59118 | + "type": "exploit", |
| 59119 | + "author": [ |
| 59120 | + "Titouan Lazard - RandoriSec", |
| 59121 | + "Ibrahim Ayadhi - RandoriSec" |
| 59122 | + ], |
| 59123 | + "description": "This module exploits a buffer overflow within the 'action'\n parameter of the /uapi-cgi/instantrec.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx,\n ETHC-22xx, and EWPC-22xx devices running firmware versions == 1.12.0.27 as well as firmware\n versions 1.12.13.2 and 1.12.14.5.\n Successful exploitation results in remote code execution as the root user.", |
| 59124 | + "references": [ |
| 59125 | + "CVE-2021-33549", |
| 59126 | + "URL-https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/", |
| 59127 | + "URL-http://geutebruck.com", |
| 59128 | + "URL-https://us-cert.cisa.gov/ics/advisories/icsa-21-208-03" |
| 59129 | + ], |
| 59130 | + "platform": "Linux,Unix", |
| 59131 | + "arch": "armle", |
| 59132 | + "rport": 80, |
| 59133 | + "autofilter_ports": [ |
| 59134 | + 80, |
| 59135 | + 8080, |
| 59136 | + 443, |
| 59137 | + 8000, |
| 59138 | + 8888, |
| 59139 | + 8880, |
| 59140 | + 8008, |
| 59141 | + 3000, |
| 59142 | + 8443 |
| 59143 | + ], |
| 59144 | + "autofilter_services": [ |
| 59145 | + "http", |
| 59146 | + "https" |
| 59147 | + ], |
| 59148 | + "targets": [ |
| 59149 | + "Automatic Target" |
| 59150 | + ], |
| 59151 | + "mod_time": "2021-09-16 08:22:57 +0000", |
| 59152 | + "path": "/modules/exploits/linux/http/geutebruck_instantrec_bof.rb", |
| 59153 | + "is_install_path": true, |
| 59154 | + "ref_name": "linux/http/geutebruck_instantrec_bof", |
| 59155 | + "check": false, |
| 59156 | + "post_auth": false, |
| 59157 | + "default_credential": false, |
| 59158 | + "notes": { |
| 59159 | + "Stability": [ |
| 59160 | + "CRASH_SAFE" |
| 59161 | + ], |
| 59162 | + "Reliability": [ |
| 59163 | + "REPEATABLE_SESSION" |
| 59164 | + ], |
| 59165 | + "SideEffects": [ |
| 59166 | + "ARTIFACTS_ON_DISK" |
| 59167 | + ] |
| 59168 | + }, |
| 59169 | + "session_types": false, |
| 59170 | + "needs_cleanup": null |
| 59171 | + }, |
59110 | 59172 | "exploit_linux/http/geutebruck_testaction_exec": { |
59111 | 59173 | "name": "Geutebruck testaction.cgi Remote Command Execution", |
59112 | 59174 | "fullname": "exploit/linux/http/geutebruck_testaction_exec", |
|
0 commit comments