Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-17924 PoC — 多款Rockwell Automation产品安全漏洞

Source
https://github.com/g0dd0ghd/CVE-2018-17924
Associated Vulnerability
Title:多款Rockwell Automation产品安全漏洞 (CVE-2018-17924)
Description:Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address.
Description
My team research about CVE-2018-17924 of Rockwell Automation Micrologix 1400
Readme
# CVE-2018-17924
My team research about CVE-2018-17924 of Rockwell Automation Micrologix 1400. This research occured when I participated in OPSWAT fellowship program in 10/2023.
### Blog
https://www.opswat.com/blog/strengthening-ot-security-against-cve-2018-17924-with-metadefender-ot-solutions
File Snapshot

 [4.0K]  /data/pocs/7e16afef4ae0d94da6a56903f626e05664e0902c
├── [ 14K]  ChangeIPRockwell1400.pcapng
├── [3.1K]  CVE-2018-17924.py
├── [1.0K]  LICENSE
└── [ 295]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →