module

AwindInc SNMP Service Command Injection

Disclosed	Created
2019-03-27	2019-09-04

Disclosed

2019-03-27

Created

2019-09-04

Description

This module exploits a vulnerability found in AwindInc and OEM'ed products where untrusted inputs are fed to ftpfw.sh system command, leading to command injection.
A valid SNMP read-write community is required to exploit this vulnerability.

The following devices are known to be affected by this issue:

* Crestron Airmedia AM-100 * Crestron Airmedia AM-101 * Awind WiPG-1600w * Awind WiPG-2000d * Barco wePresent 2000 * Newline Trucast 2 * Newline Trucast 3

Author

Quentin Kaiser kaiserquentin@gmail.com

Platform

Linux,Unix

Architectures

cmd, armle

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


    msf > use exploit/linux/snmp/awind_snmp_exec
    msf exploit(awind_snmp_exec) > show targets
        ...targets...
    msf exploit(awind_snmp_exec) > set TARGET < target-id >
    msf exploit(awind_snmp_exec) > show options
        ...show and set options...
    msf exploit(awind_snmp_exec) > exploit

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today