module

Geutebruck instantrec Remote Command Execution

Disclosed	Created
Jul 8, 2021	Sep 20, 2021

Disclosed

Jul 8, 2021

Created

Sep 20, 2021

Description

This module exploits a buffer overflow within the 'action'
parameter of the /uapi-cgi/instantrec.cgi page of Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx,
ETHC-22xx, and EWPC-22xx devices running firmware versions == 1.12.0.27 as well as firmware
versions 1.12.13.2 and 1.12.14.5.
Successful exploitation results in remote code execution as the root user.

Authors

Titouan Lazard - RandoriSec
Ibrahim Ayadhi - RandoriSec

Platform

Linux,Unix

Architectures

armle

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use exploit/linux/http/geutebruck_instantrec_bof
    msf exploit(geutebruck_instantrec_bof) > show targets
        ...targets...
    msf exploit(geutebruck_instantrec_bof) > set TARGET < target-id >
    msf exploit(geutebruck_instantrec_bof) > show options
        ...show and set options...
    msf exploit(geutebruck_instantrec_bof) > exploit

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today