Samsung SRN-1670D Web Viewer 1.0.0.193 Arbitrary File Read / Upload

Posted on 11 January 2018

This Metasploit module exploits an unrestricted file upload vulnerability in Web Viewer 1.0.0.193 on Samsung SRN-1670D devices. The network_ssl_upload.php file allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing local file read vulnerability referenced by CVE-2015-8279, which allows remote attackers to read the web interface credentials by sending a request to: cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.

TOP

Malware :

Backdoor:Win32/Heloag.A
Exploit:Win32/CVE-2011-3402
Trojan:Win32/Obfac
Exploit:Win32/Pdfjsc.YP
TrojanDownloader:Win32/Bofang.B

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20