bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/webapps/49987.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

20 lines
No EOL
1 KiB
Text
Raw Blame History

# Exploit Title: Solar-Log 500 2.8.2 - Unprotected Storage of Credentials
# Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP""
# Date: 2021-06-11
# Exploit Author: Luca.Chiou
# Vendor Homepage: https://www.solar-log.com/en/
# Software Link: Firmware for Solar-Log https://www.solar-log.com/en/support/firmware/
# Version: Solar-Log 500 all versions prior to 2.8.2 Build 52 - 23.04.2013
# Tested on: It is a proprietary devices: https://www.solar-log.com/en/support/firmware/
# 1. Description:
# An issue was discovered in Solar-Log 500 prior to 2.8.2 Build 52 - 23.04.2013.
# In /export.html, email.html, sms.html, the devices store plaintext passwords,
# which may allow sensitive information to be read by someone with access to the device.
# 2. Proof of Concept:
# Browse the configuration page in Solar-Log 500,
# we can find out that the passwords of FTP, SMTP, SMS services are stored in plaintext.
# http://<Your Modem IP>/export.html
# http://<Your Modem IP>/email.html
# http://<Your Modem IP>/sms.html
Reference in a new issue View git blame Copy permalink