CVE-2024-5633 PoC — Longse LBH30FE200W 安全漏洞

Source

https://github.com/Adikso/CVE-2024-5633

Associated Vulnerability

Title:Longse LBH30FE200W 安全漏洞 (CVE-2024-5633)
Description:Longse LBH30FE200W是中国长视科技（Longse）公司的一款无线网络摄像头。 Longse LBH30FE200W存在安全漏洞，该漏洞源于相关产品为位于同一本地网络中的攻击者提供了对其中一个端口上未记录的二进制服务CoolView的无限制访问权限。攻击者能够对设备内存执行读/写操作，导致绕过telnet登录并获得对设备的完全访问权限。

Description

PoC for CVE-2024-5633

Readme

# PoC for CVE-2024-5633

Longse model LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service CoolView on one of the ports.  An attacker with a knowledge of the available commands is able to perform read/write operations on the device's memory, which might result in e.g. bypassing telnet login and obtaining full access to the device.

https://www.cve.org/CVERecord?id=CVE-2024-5633

File Snapshot


 [4.0K]  /data/pocs/d5262c2ed6e369314a0adb976e3cf53dc3897c55
├── [3.2K]  exploit.py
├── [ 505]  README.md
└── [  24]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!