root@deepquest.code511.com:~# 
[EXPLOIT]

>> Lupusec XT2 Plus Main Panel Shared Secrets / Secret Disclosure / CSRF

USER: deepcore // DATE: 2019-04-06 00:30 // MODIFIED: 2019-04-06

Lupusec XT2 Plus Main Panel with firmware 0l0.2.19E suffers from shared private keys for SSL certificates, root passwords derived from the MAC address, information disclosure, and cross site request forgery vulnerabilities.

> POST_COMMENT