CVE-2023-48842 PoC — D-Link Go-RT-AC750 安全漏洞

Source

https://github.com/creacitysec/CVE-2023-48842

Associated Vulnerability

Title:D-Link Go-RT-AC750 安全漏洞 (CVE-2023-48842)
Description:D-Link GO-RT-AC750是中国友讯（D-Link）公司的一款无线双频简易路由器。 D-Link Go-RT-AC750 revA_v101b03版本存在安全漏洞，该漏洞源于通过 hedwig.cgi 的service参数发现包含命令注入漏洞。

Readme

# CVE-2023-48842

## Source :

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi.

https://drive.google.com/file/d/1y5om__f2SAhNmcPqDxC_SRTvJVAWwPcH/view

## Little upgrade : 

I updated the script which is now on steroids, the script accept list of ip:port (or ip only if port is not provided), use multi-threading (Tren effect :D) and output only valide credentials. 

## Disclaimer : 

FOR EDUCATIONAL PURPOSES ONLY

File Snapshot


 [4.0K]  /data/pocs/cc6ef2669a4265011c9203fadf0b97008fb2c4b1
├── [2.5K]  exploit.py
└── [ 502]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!