关联漏洞
标题:Longse LBH30FE200W 安全漏洞 (CVE-2024-5633)Description:Longse LBH30FE200W是中国长视科技(Longse)公司的一款无线网络摄像头。 Longse LBH30FE200W存在安全漏洞,该漏洞源于相关产品为位于同一本地网络中的攻击者提供了对其中一个端口上未记录的二进制服务CoolView的无限制访问权限。攻击者能够对设备内存执行读/写操作,导致绕过telnet登录并获得对设备的完全访问权限。
Description
PoC for CVE-2024-5633
介绍
# PoC for CVE-2024-5633
Longse model LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service CoolView on one of the ports. An attacker with a knowledge of the available commands is able to perform read/write operations on the device's memory, which might result in e.g. bypassing telnet login and obtaining full access to the device.
https://www.cve.org/CVERecord?id=CVE-2024-5633
文件快照
[4.0K] /data/pocs/d5262c2ed6e369314a0adb976e3cf53dc3897c55
├── [3.2K] exploit.py
├── [ 505] README.md
└── [ 24] requirements.txt
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。