Skip to content

Instantly share code, notes, and snippets.

@LemonSec
Created July 17, 2024 01:32
Show Gist options
  • Save LemonSec/6aaea8320187a38e1a398fa321f12303 to your computer and use it in GitHub Desktop.
Save LemonSec/6aaea8320187a38e1a398fa321f12303 to your computer and use it in GitHub Desktop.
CVE-2024-38944
# Exploit Title: MaxTime Database Editor 1.9 Authentication Bypass
# Google Dork: N/A
# Date: 07/09/2024
# Exploit Author: Andrew Lemon/Red Threat https://redthreatsec.com
# Vendor Homepage: https://www.q-free.com
# Software Link: N/A
# Version: 1.9.x
# Tested on: (Intelight x-1) Linux 3.14.57
# CVE : CVE-2024-38944
## Vulnerability Description
This vulnerability allows remote attackers to bypass authentication on affected installations of MaxTime Database Editor.
Authentication is not required to exploit this vulnerability.
The specific flaw exists within the web-based UI on Traffic Controllers running version 1.9.x firmware.
The issue results from the lack of authentication prior to allowing access to functionality.
An attacker can leverage this vulnerability to gain full control of Intelight Traffic Controllers and modify the configuration of a traffic intersection,
modify traffic light sequences, or trigger the intersection to go into 4 way flash causing a denial of service and causing traffic congestion.
## Steps to Reproduce
Navigate to the IP address of an identified controller
When prompted for authentication append /cgi-bin/generateForm.cgi?formID=142 to the end of the IP address
Under the web security tab change the drop down from enabled to disabled and select apply or take note of the username and password and login with those.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment