Created
July 17, 2024 01:32
-
-
Save LemonSec/6aaea8320187a38e1a398fa321f12303 to your computer and use it in GitHub Desktop.
CVE-2024-38944
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Exploit Title: MaxTime Database Editor 1.9 Authentication Bypass | |
# Google Dork: N/A | |
# Date: 07/09/2024 | |
# Exploit Author: Andrew Lemon/Red Threat https://redthreatsec.com | |
# Vendor Homepage: https://www.q-free.com | |
# Software Link: N/A | |
# Version: 1.9.x | |
# Tested on: (Intelight x-1) Linux 3.14.57 | |
# CVE : CVE-2024-38944 | |
## Vulnerability Description | |
This vulnerability allows remote attackers to bypass authentication on affected installations of MaxTime Database Editor. | |
Authentication is not required to exploit this vulnerability. | |
The specific flaw exists within the web-based UI on Traffic Controllers running version 1.9.x firmware. | |
The issue results from the lack of authentication prior to allowing access to functionality. | |
An attacker can leverage this vulnerability to gain full control of Intelight Traffic Controllers and modify the configuration of a traffic intersection, | |
modify traffic light sequences, or trigger the intersection to go into 4 way flash causing a denial of service and causing traffic congestion. | |
## Steps to Reproduce | |
Navigate to the IP address of an identified controller | |
When prompted for authentication append /cgi-bin/generateForm.cgi?formID=142 to the end of the IP address | |
Under the web security tab change the drop down from enabled to disabled and select apply or take note of the username and password and login with those. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment