Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) Remote Root

Posted by deepcore on July 22, 2022 – 6:06 pm

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) versions 1.31.460 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user via the name GET parameter in delsnap.pl Perl/CGI script which is used for deleting snapshots taken from the webcam.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Chrome Scope Break CodoForum 5.1 Remote Code Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) Remote Root

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL