CVE-2019-7385

HIGH

Raisecom ISCOM HT803G-U/-W/-1GE/GPON <2.0.0_140521_R4.1.47.002 - Co...

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-7385. PoCs published by JameelNabbo.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in Raisecom xpon devices by injecting shell commands into the password change form parameters. The PoC uses curl to send a malicious POST request with embedded commands (`reboot`) in the password fields.

Description

An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below, The values of the newpass and confpass parameters in /bin/WebMGR are used in a system call in the firmware. Because there is no user input validation, this leads to authenticated code execution on the device.

Exploits (1)

exploitdb WORKING POC

by JameelNabbo · textwebappshardware

https://www.exploit-db.com/exploits/46489

View Code ZIP pw:eip

This exploit leverages a command injection vulnerability in Raisecom xpon devices by injecting shell commands into the password change form parameters. The PoC uses curl to send a malicious POST request with embedded commands (`reboot`) in the password fields.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Raisecom ISCOMHT803G-U_2.0.0_140521_R4.1.47.002

No auth needed

Prerequisites: Network access to the target device · Target device must be running vulnerable firmware

MITRE ATT&CK