CVE-2024-8232 PoC — iniNet Solutions SpiderControl SCADA Web Server 代码问题漏洞

Source

https://github.com/z3usx01/CVE-2024-8232

Associated Vulnerability

Title:iniNet Solutions SpiderControl SCADA Web Server 代码问题漏洞 (CVE-2024-8232)
Description:iniNet Solutions SpiderControl SCADA Web Server是iniNet Solutions公司的一款服务器。 iniNet Solutions SpiderControl SCADA Web Server存在代码问题漏洞。攻击者利用该漏洞可以上传特制的恶意文件。

Description

SpiderControl SCADA Web Server File Upload Vulnerability

Readme


# CVE-2024-8232 – SpiderControl SCADA Web Server File Upload Vulnerability

##  Summary
SpiderControl SCADA Web Server is vulnerable to unauthenticated arbitrary file uploads, allowing attackers to upload malicious scripts (e.g., web shells) and gain remote code execution.

- **CVE ID**: CVE-2024-8232
- **Vendor**: iniNet Solutions GmbH
- **Affected Product**: SpiderControl SCADA Web Server
- **Impact**: Remote Code Execution
- **Exploit Type**: Unauthenticated File Upload

## ⚠ Disclaimer
This proof of concept is for educational purposes **only**. Do not use against systems without explicit authorization.

## 🛠️ Usage

```bash
python3 poc.py http://TARGET-IP upload.php shell.php

File Snapshot


 [4.0K]  /data/pocs/8c6234c4de80e5ab09613886ea7bf7a403784fa6
├── [1.2K]  poc.py
└── [ 699]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!