mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
784 B
784 B
CVE-2019-13402
Description
/usr/sbin/default.sh and /usr/apache/htdocs/cgi-bin/admin/hardfactorydefault.cgi on Dynacolor FCM-MB40 v1.2.0.0 devices implement an incomplete factory-reset process. A backdoor can persist because neither system accounts nor the set of services is reset.
POC
Reference
- https://xor.cat/2019/06/19/fortinet-forticam-vulns/
- https://xor.cat/2019/06/19/fortinet-forticam-vulns/
Github
No PoCs found on GitHub currently.