CVE-2021-31630 PoC — OpenPLC 代码注入漏洞

Source

https://github.com/junnythemarksman/CVE-2021-31630

Associated Vulnerability

Title:OpenPLC 代码注入漏洞 (CVE-2021-31630)
Description:OpenPLC是一种开源的可编程逻辑控制器。可为自动化和研究提供低成本的工业解决方案。 OpenPLC v3 存在代码注入漏洞，该漏洞源于产品的web服务中 /hardware 页面的Hardware Layer Code Box组件未能过滤输入的特殊字符。攻击者可通过该漏洞执行系统命令。

Description

Modified the PoC CVE-2021-31630 script by Fellipe Oliveira for HTB

Readme

# CVE-2021-31630
Modified the PoC CVE-2021-31630 script by Fellipe Oliveira for HTB 

## Usage
'Example usage: exploit.py -u http://target-uri:8080 -l admin -p admin -i 192.168.1.54 -r 4444 -P program.st"'

File Snapshot


 [4.0K]  /data/pocs/8c075af74f99cb53c901519d959458d3aeb16714
├── [8.6K]  exploit.py
└── [ 206]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!