CVE-2018-17924 PoC — 多款Rockwell Automation产品安全漏洞

Source

https://github.com/g0dd0ghd/CVE-2018-17924-PoC

Associated Vulnerability

Title:多款Rockwell Automation产品安全漏洞 (CVE-2018-17924)
Description:Rockwell Automation MicroLogix 1400 Controllers Series A等都是美国罗克韦尔（Rockwell Automation）公司的可编程逻辑控制器。多款Rockwell Automation产品中存在安全漏洞，该漏洞源于程序缺少身份验证。攻击者可通过发送CIP连接请求，完成连接后发送新的IP配置利用该漏洞修改系统配置并造成设备与系统之间的通信丢失。以下产品和版本受到影响：MicroLogix 1400 Controllers Series A（全部版本），

Description

My team research about CVE-2018-17924 of Rockwell Automation Micrologix 1400

Readme

# CVE-2018-17924
My team research about CVE-2018-17924 of Rockwell Automation Micrologix 1400. This research occured when I participated in OPSWAT fellowship program in 10/2023.
### Blog
https://www.opswat.com/blog/strengthening-ot-security-against-cve-2018-17924-with-metadefender-ot-solutions

File Snapshot


 [4.0K]  /data/pocs/5b6df31342a9140a8116817452aee6e7e9c6f767
├── [ 14K]  ChangeIPRockwell1400.pcapng
├── [3.1K]  CVE-2018-17924.py
├── [1.0K]  LICENSE
└── [ 295]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!