5 matches found
CVE-2020-25988
UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 P4410-V2–1.34H has an action 'XGetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent...
Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure Exploit
Exploit Title: Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure Exploit Author: Nitesh Surana Vendor Homepage: https://www.gxgroup.eu/ont-products/ Version: P4410-V2-1.34H Tested on: Windows/Kali CVE : CVE-2020-25988 import upnpy upnp = upnpy.UPnP Discover UPnP devices on the network...
Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure
Exploit Title: Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure Date: 17th November 2020 Exploit Author: Nitesh Surana Vendor Homepage: https://www.gxgroup.eu/ont-products/ Version: P4410-V2-1.34H Tested on: Windows/Kali CVE : CVE-2020-25988 import upnpy upnp = upnpy.UPnP Discover UPnP...
CVE-2020-25988
creationtimestamp| type| source ---|---|--- 2020-11-17 22:39:20+00:00| seen| https://t.me/cibsecurity/16466 2020-11-21 19:18:00+00:00| published-proof-of-concept| Telegram/UxTNBzpYPuAvWiUw14OoLCI4dqVav6XCEd41yK8XAnw 2020-12-09 03:25:22+00:00| seen| https://t.me/cibsecurity/17346 2020-12-09...
CVE-2020-25988
CVE-2020-25988 affects Genexis Platinum 4410 Router (V2.1, P4410-V2–1.34H) via UPnP Service on port 5555. The X_GetAccess action exposes the admin password to network-adjacent attackers, enabling credential leakage. Public-exploit materials and code samples demonstrate how to invoke the action to...