Advertisement






ProLink PRS1841 Backdoor Account

CVE Category Price Severity
CVE-2020-3562 CWE-798 $5,000 High
Author Risk Exploitation Type Date
Karn Ganeshen High Remote 2022-12-31
CPE
cpe:cpe:/h:prolink:prs1841
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H 0.3 0.9125

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022120051

Below is a copy:

ProLink PRS1841 Backdoor Account
# Exploit Title: Router backdoor - ProLink PRS1841 PLDT Home fiber
# Exploit Author: Lawrence Amer @zux0x3a
# Vendor Homepage: https://prolink2u.com/product/prs1841/
# Firmware : PRS1841 U V2
# reference: https://0xsp.com/security%20research%20%20development%20srd/backdoor-discovered-in-pldt-home-fiber-routers/

Description
========================
A silent privileged backdoor account discovered on the Prolink PRS1841 
routers; allows attackers to gain command execution privileges to the 
router OS.

The vulnerable account issued by the vendor was identified as "adsl" and 
"realtek" as the default password; attackers could use this account to 
access the router remotely/internally using either Telnet or FTP 
protocol.

PoC
=============================
adsl:$1$$m9g7v7tSyWPyjvelclu6D1:0:0::/tmp:/bin/cli

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum