CVE-2020-8958

CVE-2020-8958: Authenticated Remote Code Execution Exploit for NetLink Routers using boa server.

CVSS Score: 7.2
Vulnerability Type(s): OS Command Injection
Authentication: Required
Affected Model(s): HG323

Description

The /boaform/admin/formPing resource in Netlink routers allows remote attackers to perform OS Command Injection via the target_addr parameter.

Usage

    usage: CVE-2020-8958.py [-h] -i URL [-u [USER]] [-p [PASS]]

    CVE-2020-8958: Authenticated remote code execution exploit

    optional arguments:
    -h, --help            show this help message and exit
    -i URL, --Url URL     Target IP of router
    -u [USER], --User [USER]
                            Username
    -p [PASS], --Pass [PASS]
                            Password

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
CVE-2020-8958.py		CVE-2020-8958.py
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2020-8958

Description

Usage

About

Releases

Packages

Languages

Asjidkalam/CVE-2020-8958

Folders and files

Latest commit

History

Repository files navigation

CVE-2020-8958

Description

Usage

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages