# Exploit Title: Intelight X-1L Traffic controller Maxtime 1.9.6 - Remote Code Execution (RCE) # Google Dork: N/A # Date: 07/09/2024 # Exploit Author: Andrew Lemon/Red Threat https://redthreatsec.com # Vendor Homepage: https://www.q-free.com # Software Link: N/A # Version: 1.9 # Tested on: (Intelight x-1) Linux 3.14.57 # CVE : CVE-2024-38944 ## Vulnerability Description This vulnerability allows remote attackers to bypass authentication on affected installations of MaxTime Database Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based UI on Traffic Controllers running version 1.9.x firmware. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to gain full control of Intelight Traffic Controllers and modify the configuration of a traffic intersection, modify traffic light sequences, or trigger the intersection to go into 4 way flash causing a denial of service and causing traffic congestion. ## Steps to Reproduce Navigate to the IP address of an identified controller When prompted for authentication append /cgi-bin/generateForm.cgi?formID=142 to the end of the IP address Under the web security tab change the drop down from enabled to disabled and select apply or take note of the username and password and login with those.