Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-40859 PoC — Auerswald Compact 系列安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-40859.yaml
Associated Vulnerability
Title:Auerswald Compact 系列安全漏洞 (CVE-2021-40859)
Description:Auerswald Compact 系列是德国Auerswald公司的一种 Ict 解决方案。 Auerswald Compact 系列 存在安全漏洞,该漏洞源于该产品的固件中发现了几个后门。这些后门允许能够访问基于 Web 的管理应用程序的攻击者对设备进行完全管理访问。8.0B 及以下版本受到影响。
Description
Auerswald COMpact 5500R 7.8A and 8.0B devices contain an unauthenticated endpoint ("https://192.168.1[.]2/about_state"), enabling the bad actor to gain backdoor access to a web interface that allows for resetting the administrator password.
File Snapshot

 id: CVE-2021-40859

info:
  name: Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor
  author: p

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.