CVE-2020-29669

Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-29669. PoCs published by code-byter.

AI-analyzed exploit summary This PoC exploits CVE-2020-29669, a privilege escalation vulnerability in Macally WIFISD2 devices. It authenticates as a guest user, changes the admin password, and then uses Telnet to dump and crack the root hash to gain root access.

Description

In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the Guest user is able to reset its own password. This process has a vulnerability which can be used to take over the administrator account and results in shell access. As the admin user may read the /etc/shadow file, the password hashes of each user (including root) can be dumped. The root hash can be cracked easily which results in a complete system compromise.

Exploits (2)

nomisec WORKING POC 2 stars

by code-byter · poc

https://github.com/code-byter/CVE-2020-29669

View Code ZIP pw:eip

This PoC exploits CVE-2020-29669, a privilege escalation vulnerability in Macally WIFISD2 devices. It authenticates as a guest user, changes the admin password, and then uses Telnet to dump and crack the root hash to gain root access.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Macally WIFISD2

Auth required

Prerequisites: Network access to the target device · Guest credentials (default or known)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1078 - Valid Accounts T1098 - Account Manipulation

devstral-2 · analyzed Feb 19, 2026 Full analysis →

inthewild WORKING POC

poc

https://github.com/s1lkys/cve-2020-29669