Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Add module and new wordlist for it for the CVE-2016-1555 vulnerability #10766
Add a new module for the CVE-2016-1555 vulnerability that targets the following Netgear devices with these firmwares:
The corresponding wordlist file (netgear_boardData_paths.txt) contains all the URIs that might be vulnerable in the target versions. For the first vulnerable URI it finds, it "checks" for unauthenticated arbitrary command execution in the POST request.
Tested on: Netgear WNAP320 firmware 2.0.3, emulated with QEMU, setup by FIRMADYNE.
Example Output with default payload (linux/mipsbe/shell_reverse_tcp)
Example Output with meterpreter
Thanks for the contribution.
It is required that code in your fork be merged from a unique branch in your repository to master in Rapid7's. Please create a new branch in your fork of framework and resubmit this from that branch.
This helps protect the process, ensure users are aware of commits on the branch being considered for merge, allows for a location for more commits to be offered without mingling with other contributor changes and allows contributors to make progress while a PR is still being reviewed.
Closing based on the this requirement, please do resubmit from a unique branch.