
Exploit for Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor (CVE-2021-40859)

Description:

Auerswald COMpact 5500R 7.8A and 8.0B devices contain an unauthenticated endpoint (“https://192.168.1[.]2/about_state”) that lets an attacker gain backdoor access to a web interface that allows resetting the administrator password.

Nuclei Template

View the template here CVE-2021-40859.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-40859.yaml

References:

https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compact-multiple-backdoors
https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses
https://nvd.nist.gov/vuln/detail/CVE-2021-40859
https://thehackernews.com/2021/12/secret-backdoors-found-in-german-made.html