Genexis Platinum-4410 2.1 – Authentication Bypass

• Exploit Database
• 38 阅读

• 作者： Husinul Sanub
  日期： 2020-01-24
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/47961/

• # Exploit Title:Genexis Platinum-4410 2.1 - Authentication Bypass
  # Date: 20220-01-08
  # Exploit Author: Husinul Sanub
  # Author Contact: https://www.linkedin.com/in/husinul-sanub-658239106/
  # Vulnerable Product: Genexis Platinum-4410 v2.1 Home Gateway Router https://genexis.co.in/product/ont/
  # Firmware version: P4410-V2–1.28
  # Vendor Homepage: https://genexis.co.in/
  # Reference: https://medium.com/@husinulzsanub/exploiting-router-authentication-through-web-interface-68660c708206
  # CVE: CVE-2020-6170
  
  Vulnerability Details
  ======================
  Genexis Platinum-4410 v2.1 Home Gateway Router discloses passwords of each users(Admin,GENEXIS,user3) in plain text behind login page source “http://192.168.1.1/cgi-bin/index2.asp". This could potentially allow a remote attacker access sensitive information and perform actions such as reset router, changing passwords, upload malicious firmware etc.
  
  How to reproduce
  ===================
  Suppose 192.168.1.1 is the router IP and check view page source of login page “http://192.168.1.1/cgi-bin/index2.asp",There we can found passwords for each login accounts in clear text.
  
  
  POC
  =========
  * https://youtu.be/IO_Ez4XH-0Y