Skip to content
/ CVE-2020-35391-POC Public

Tenda N300 Authentication Bypass via Malformed HTTP Request Header

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dumitory-dev/CVE-2020-35391-POC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits

.github/workflows

.github/workflows

 
 

img

img

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

main.py

main.py

 
 

Repository files navigation

Welcome to CVE-2020-35391-POC 👋

Original Documentation License: MIT Pylint

Tenda N300 Authentication Bypass via Malformed HTTP Request Header Python POC

Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg, a related issue to CVE-2017-14942. NOTE: the vulnerability report may suggest that either a ? character must be placed after the RouterCfm.cfg filename, or that the HTTP request headers must be unusual, but it is not known why these are relevant to the device's HTTP response behavior.

Original PoC Author: Michelle Bonilla
After so much time since this CVE was published, the vulnerability has still not been fixed! (Last Firmware Version: V12.01.01.42_multi)

Usage

python3 main.py <router ip>

Work example

Author

👤 dumitory-dev

Show your support

Give a ⭐️ if this project helped you!

📝 License

This project is MIT licensed.

About

Tenda N300 Authentication Bypass via Malformed HTTP Request Header

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages