Lucene search
GamehackerEXPLOITPACK:9C97E11B989D76D23BA59867D555D277HistoryOct 29, 2014 - 12:00 a.m.
Konke Smart Plug K - Authentication Bypass
2014-10-2900:00:00
gamehacker
27
EPSS
0.052
Percentile
93.0%
Konke Smart Plug K - Authentication Bypass
-----------------------------------------------------------------------
Konke Smart Plug Authentication Bypass Vulnerability
-----------------------------------------------------------------------
Author : gamehacker&zixian
Mail : gh<[email protected]>&zixian<[email protected]>
Date : Oct, 17-2014
Vendor : http://www.kankunit.com/
Link : http://www.kankunit.com/
Version : K
CVE : CVE-2014-7279
Exploit & p0c
_____________
“Konke” is a smart Home Furnishing products (http://www.kankunit.com/) in China, the product has a security vulnerability, an attacker could exploit the vulnerability to obtain equipment management authority.
Konke Smart Plug open 23 port,we can telnet the 23 port,we can get root without password.
1、Scan Konke. you can use nmap scan the 23 port.
2、open cmd telnet Konke's 23 port.
3、now you are the root. it is a openwrt,you can use busybox do everything! you can use "reboot" command to reboot Konke.and so on……
_____________Related
cvelist
cvelist
CVE-2014-7279
2017-03-23 17:00:00
seebug
seebug
Konke Smart Plug K - Authentication Bypass Vulnerability
2014-11-13 00:00:00
cve
cve
CVE-2014-7279
2017-03-23 17:59:00
packetstorm
packetstorm
Konke Smart Plug Authentication Bypass
2014-10-30 00:00:00
nvd
nvd
CVE-2014-7279
2017-03-23 17:59:00
prion
prion
Authentication flaw
2017-03-23 17:59:00
zdt
zdt
Konke Smart Plug K - Authentication Bypass Vulnerability
2014-10-30 00:00:00
exploitdb
exploitdb
Konke Smart Plug K - Authentication Bypass
2014-10-29 00:00:00