CVE-2023-36143 PoC — Maxprint Maxlink 1200G 操作系统命令注入漏洞

Source

https://github.com/leonardobg/CVE-2023-36143

Associated Vulnerability

Title:Maxprint Maxlink 1200G 操作系统命令注入漏洞 (CVE-2023-36143)
Description:Maxprint Maxlink 1200G是Maxprint公司的一款无线路由器。 Maxprint Maxlink 1200G v3.4.11E版本存在安全漏洞，该漏洞源于存在操作系统命令注入漏洞。

Readme

# CVE-2023-36143

PoC of CVE-2023-36143 - Maxprint Maxlink 1200G v3.4.11E

## Command Injection


## Steps to Reproduce:

1. Log in the equipment via your web browser
2. Go to the diagnostic tool
3. Insert any ip, e.g 127.0.0.1, the ; character and a command.
4. Example: 127.0.0.1;cat /etc/passwd

File Snapshot


 [4.0K]  /data/pocs/87ef52708b611eb0fcb13f4820ac65399e13fa78
└── [ 298]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.