CVE-2019-3929 PoC — 多款路由器命令操作系统命令注入漏洞

Source

https://github.com/xfox64x/CVE-2019-3929

Associated Vulnerability

Title:多款路由器命令操作系统命令注入漏洞 (CVE-2019-3929)
Description:多款路由器中存在命令操作系统命令注入漏洞。该漏洞源于外部输入数据构造可执行命令过程中，网络系统或产品未正确过滤其中的特殊元素。攻击者可利用该漏洞执行非法命令。以下产品及版本受到影响：使用1.6.0.2版本固件的Crestron AM-100；使用2.7.0.1版本固件的Crestron AM-101；使用2.3.0.10版本固件的Barco wePresent WiPG-1000P；使用2.4.1.19之前版本固件的Barco wePresent WiPG-1600W；使用2.0.3.4版本固件的Extr

Description

Crestron/Barco/Extron/InFocus/TeqAV Remote Command Injection (CVE-2019-3929) Metasploit Module

Readme

# CVE-2019-3929
Crestron/Barco/Extron/InFocus/TeqAV Remote Command Injection (CVE-2019-3929) Metasploit Module

Per [Tenable's description](https://www.tenable.com/security/research/tra-2019-20):

"A remote, unauthenticated attacker can execute operating system commands as root via crafted requests to the HTTP endpoint file_transfer.cgi. This vulnerability appears to affect all known devices including the Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000 firmware 2.3.0.10, Barco wePresent WiPG-1600 before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7"

All credit to Tenable. Module successfully exploited Crestron AM-100/101 devices with firmware <= to that mentioned above.

File Snapshot


 [4.0K]  /data/pocs/d8d7fe42ebd8ee07e24f8747e90f939a08fc7033
├── [4.5K]  CVE-2019-3929.rb
└── [ 944]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!