CVE-2022-34753 PoC — Schneider Electric SpaceLogic C-Bus Home Controller 操作系统命令注入漏洞

Source

https://github.com/K3ysTr0K3R/CVE-2022-34753-EXPLOIT

Associated Vulnerability

Title:Schneider Electric SpaceLogic C-Bus Home Controller 操作系统命令注入漏洞 (CVE-2022-34753)
Description:A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote root exploit when the command is compromised. Affected Products: SpaceLogic C-Bus Home Controller (5200WHC2), formerly known as C-Bus Wiser Homer Controller MK2 (V1.31.460 and prior)

Description

A PoC exploit for CVE-2022-34753 - OS Command Injection in SpaceLogic C-Bus Home Controller

Readme

# CVE-2022-34753 - OS Command Injection in SpaceLogic C-Bus Home Controller

CVE-2022-34753 is a critical security vulnerability classified under CWE-78, indicating an "Improper Neutralization of Special Elements used in an OS Command" (commonly referred to as 'OS Command Injection'). This vulnerability poses a significant risk as it may lead to a remote root exploit if the affected command is compromised.

# Affected Products

This vulnerability affects the following product:

    Product Name: SpaceLogic C-Bus Home Controller (5200WHC2)
    Formerly Known As: C-Bus Wiser Home Controller MK2
    Version: V1.31.460 and prior

# Disclaimer

The PoC exploit provided is for educational and informational purposes only. The author is not responsible for any misuse or damage caused by the exploitation of this vulnerability.

File Snapshot


 [4.0K]  /data/pocs/38284b19a302ee3f681943c4eb7ded3d78988e62
├── [3.9K]  CVE-2022-34753.py
└── [ 830]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!