Auerswald COMpact 8.0B Backdoors exploit

Related tags

Security related resourcesCVE-2021-40859
Overview

CVE-2021-40859

Auerswald COMpact 8.0B Backdoors exploit

About

Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device.

Product Details

Product: COMpact 3000 ISDN, COMpact 3000 analog, COMpact 3000 VoIP, COMpact 4000, COMpact 5000(R), COMpact 5200(R), COMpact 5500R, COMmander 6000(R)(RX), COMpact 5010 VoIP, COMpact 5020 VoIP, COMmander Business(19"), COMmander Basic.2(19").

Affected Versions: <= 8.0B (COMpact 4000, COMpact 5000(R), COMpact 5200(R), COMpact 5500R, COMmander 6000(R)(RX)), <= 4.0S (COMpact 3000 ISDN, COMpact 3000 analog, COMpact 3000 VoIP).

Fixed Versions: 8.2B, 4.0T.

Vulnerability Type: Backdoor.

Security Risk: high.

Installation

pip3 install requests lxml BeautifulSoup pandas

Usage

python3 CVE-2021-40859.py ip:port

Note

This exploit code checks if your Auerswald COMpact server is accessible using the backdoors.

Developer

D0rkerDevil wabaf3t

References

https://packetstormsecurity.com/files/165168/Auerswald-COMpact-8.0B-Backdoors.html

https://www.redteam-pentesting.de/advisories/rt-sa-2021-007

License

MIT

Owner
Ashish Kunwar
Researcher @ RISKIQ | I deal with 0days and malwares
Ashish Kunwar
GitHub Repository
We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. 🕵️

Pardus Lookout We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. The application i

Ahmet Furkan DEMIR 19 Nov 18, 2022
SubFind - Subdomain Finder Tools

SubFind (Subdomain Finder Tools) Info Tools Result Of Subdomain Command In Termi

LangMurpY 2 Jan 25, 2022
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Astro 9 Sep 27, 2022
Operational information regarding the vulnerability in the Log4j logging library.

Log4j Vulnerability (CVE-2021-44228) This repo contains operational information regarding the vulnerability in the Log4j logging library (CVE-2021-442

Nationaal Cyber Security Centrum (NCSC-NL) 1.9k Dec 26, 2022
Lightweight and beneficial Dependency Injection plugin for apscheduler

Implementation of dependency injection for apscheduler Prerequisites: apscheduler-di solves the problem since apscheduler doesn't support Dependency I

Glib 11 Dec 07, 2022
Evil-stalker - A simple tool written in python, it is so simple that it is based on google dorks

evil-stalker How to run First of all, you must install the necessary libraries.

rock3d 6 Nov 16, 2022
A repository to detect the ARP spoofing in any devices and prevent Man in the Middle(MITM) attack using Python3

arp_spoof_detector A repository to detect the ARP spoofing in any devices and prevent Man in the Middle(MITM) attack using Python3 Usage: git clone ht

Surya Das N 1 Oct 30, 2021
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。

EyeJo EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。 免责声明 本平台集成了大量的互联网公开工具,主要是方便安全人员整理、排查资产、安全测试等,切勿用于非法用途。使用者存在危害网络安全等任何非法行为,后果自负,作

429 Dec 31, 2022
Dahua IPC/VTH/VTO devices auth bypass exploit

CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit About: The identity authentication bypass vulnerability found in some Dahua products duri

Ashish Kunwar 23 Dec 02, 2022
Facebook Fast Cracking Tool With Python

Pro-Crack Facebook Fast Cracking Tool This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly Installation On Te

ReD H4CkeR 5 Feb 19, 2022
Use scrapli to retrieve security zone information from a Juniper SRX firewall

Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t

Calvin Remsburg 2 Jun 19, 2022
Virus-Builder - This tool will generate a virus that can only destroy Windows computer

Virus-Builder - This tool will generate a virus that can only destroy Windows computer. You can also configure to auto run in usb drive

Saad 16 Dec 30, 2022
Zero-attacker is an multipurpose hacking tool with over 12 tools

Zero Attacker Zero Attacker is bunch of tools which we made for people.These all tools are for purpose of ethical hacking and discord tools. Who is th

Asjad 300 Dec 28, 2022
Port scanner tool with easy installation

ort scanner tool with easy installation! Python programming language is used and The text in the program is Georgian 3

2 Mar 24, 2022
A security system to warn you when people enter your room 🎥

Get Out My Room v0.1 I hate people coming in my room when i'm not there. Get Out My Room is a simple security system that sends notifications with vid

ScriptLine 1 Jan 11, 2022
VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen

Ashish Kunwar 4 Sep 23, 2022
Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.

Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.

Jet Berry's 21 Jan 01, 2023
BurpSuite Extension: Log4j2 RCE Scanner

Log4j2 RCE Scanner 作者:[email protected]元亨实验室 声明:由于传播、利用本项目所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,项目作者不为此承担任何责

ᴋᴇʏ 87 Dec 29, 2021
Raphael is a vulnerability scanning tool based on Python3.

Raphael Raphael是一款基于Python3开发的插件式漏洞扫描工具。 Raphael is a vulnerability scanning too

b4zinga 5 Mar 21, 2022
Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

Nano 108 Dec 04, 2021