# Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control# Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP""# Date: 2021-06-11# Exploit Author: Luca.Chiou# Vendor Homepage: https://www.solar-log.com/en/# Software Link: Firmware for Solar-Log https://www.solar-log.com/en/support/firmware/# Version: Solar-Log 500 all versions prior to 2.8.2 Build 52 - 23.04.2013# Tested on: It is a proprietary devices: https://www.solar-log.com/en/support/firmware/# 1. Description:# The web administration server for Solar-Log 500 all versions prior to 2.8.2 Build 52 does not require authentication,# which allows arbitrary remote attackers to gain administrative privileges by connecting to the server.# As a result, the attacker can modify configuration files and change the system status.# 2. Proof of Concept:# Access the /lan.html of Solar-Log 500 without ANY authentication,# and you can get gain administrative privileges to modify configuration files and change the system status.# http://<Your Modem IP>/lan.html
