Exploit for Riello UPS Restricted Shell Bypass Vulnerability

Name: Exploit for Riello UPS Restricted Shell Bypass Vulnerability
Rating: 5 (65 reviews)

2023-03-20 | CVSS 0.4

## https://sploitus.com/exploit?id=1337DAY-ID-38270
I. VULNERABILITY
-------------------------
Riello UPS systems allow to easily escape the configuration shell and get access to the operating system

II. VENDOR
-------------------------
Riello (https://www.riello-ups.es/)

III. DESCRIPTION
-------------------------
Riello UPS systems allow SSH access to configure the device, sometimes with the default credentials "admin:admin".

Using the "-t bash" or "-t /bin/bash" paramters it is possible to escape the restricted shell and get access to the operating system:

ssh [email protected] -t bash