CVE-2026-27180 PoC — MajorDoMo 安全漏洞

Source

https://github.com/mbanyamer/CVE-2026-27180-MajorDoMo-unauthenticated-RCE

Associated Vulnerability

Title:MajorDoMo 安全漏洞 (CVE-2026-27180)
Description:MajorDoMo是MajorDoMo社区的一个开源DIY智能家居自动化平台。 MajorDoMo存在安全漏洞，该漏洞源于saverestore模块通过/objects/?module=saverestore端点公开其admin()方法而无需身份验证，攻击者可毒化系统更新URL，然后触发force_update处理程序来启动更新链，该方法从攻击者控制的URL获取Atom源，下载tarball，提取并复制所有提取的文件到文档根目录，可能导致远程代码执行。

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-27180 PoC — MajorDoMo 安全漏洞

Source

Associated Vulnerability

File Snapshot

Remarks