Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-29669 PoC — Macally WIFISD2-2A82 Media and Travel Router 授权问题漏洞

Source
https://github.com/code-byter/CVE-2020-29669
Associated Vulnerability
Title:Macally WIFISD2-2A82 Media and Travel Router 授权问题漏洞 (CVE-2020-29669)
Description:In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the Guest user is able to reset its own password. This process has a vulnerability which can be used to take over the administrator account and results in shell access. As the admin user may read the /etc/shadow file, the password hashes of each user (including root) can be dumped. The root hash can be cracked easily which results in a complete system compromise.
Description
Macally WIFISD2
File Snapshot

 [4.0K]  /data/pocs/ddc15d776a5f7fd25f6f9769cd518ad3e5b679d5
├── [4.0K]  images
│   ├── [9.7K]  base.png
│   ├── [ 62K]  burp_1.png
│   ├── [ 57K]  burp_2.png
│   ├── [ 95K]  dashboard.png
│   ├── [ 44K]  etc_password.png
│   ├── [ 93K]  exploit.png
│   ├── [ 51K]  password_changed.png
│   ├── [ 44K]  password_change.png
│   ├── [410K]  router.jpg
│   ├── [ 17K]  telnet_login.png
│   └── [ 30K]  web_login.png
├── [6.0K]  macally_exploit.py
├── [2.5K]  README.rst
└── [1.0M]  writeup.pdf

1 directory, 14 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →