目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1310

100%
请我们喝杯咖啡

CVE-2023-26866 PoC — Green Packet OH736 命令注入漏洞

来源
https://github.com/lionelmusonza/CVE-2023-26866
关联漏洞
标题:Green Packet OH736 命令注入漏洞 (CVE-2023-26866)
Description:Green Packet OH736是美国Green Packet公司的一款路由器。 Green Packet OH736 的 WR-1200 Indoor Unit、OT-235 M-IDU-1.6.0.3_V1.1版本、MH-46360-2.0.3-R5-GP版本存在安全漏洞。攻击者利用该漏洞可以完全接管root权限执行任何操作。
介绍
 
# CVE-2023-26866

## Description
GreenPacket OH736's WR-1200 Indoor Unit, OT-235  with firmware versions M-IDU-1.6.0.3_V1.1 and MH-46360-2.0.3-R5-GP respectively  are vulnerable to remote command injection. Commands are executed using pre-login execution and executed with root privileges allowing complete takeover. The vulnerability has been   validated by Lionel Musonza.

## Vulnerability Type
CWE-77	Improper Neutralization of Special Elements used in a Command ('Command Injection')	cwe source acceptance level NIST  
CWE-94	Improper Control of Generation of Code ('Code Injection')

## Vendor of Product
GreenPacket

## Affected Product Code Base
OH736's WR-1200 IDU - M-IDU-1.6.0.3_V1.1
OT-235 - MH-46360-2.0.3-R5-GP


### Affected Component
Engineer  user's command tool in the ruoter's web utility.

### Attack Type
Context-dependent

### Impact Code execution
True

### Impact Denial of Service
True

### Impact Escalation of Privileges
True

### Impact Information Disclosure
True

## Has vendor confirmed or acknowledged the vulnerability?
No, no response from vendor.


## Discoverer
Lionel Musonza

## Timeline
文件快照

登录后查看神龙缓存的 POC 文件快照

登录查看
备注
    1. 建议优先通过来源进行访问。
    2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
    3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →