Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl_Firmware CVE-2021-36260

Name: Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu/Sl_Firmware CVE-2021-36260
Rating: 5 (357 reviews)

2022-08-28 | CVSS 9.8

## https://sploitus.com/exploit?id=4B483361-402B-56C9-8223-D272899EA50E
# RemoteUploader

Upload to a specific web server and run remotely


# Module

1: RemoteUploader.ServerModule()

        lport:int, # Pleass 0x01 ~ 0xff in range  
        lhost:str, # Your IP address 
        Path:str   # File path


2: RemoteUploader.UploadModule()

        lhost:str,       # Local IP or Global IP
        lport:int,       # Download server port
        rhost:list,      # Target rhost in list only 
        rport:int,       # Target port
        ThreadNum=1,     # Thread enabled for multiple targets
        execution=False, # True if it is an executable 
        delete=False,    # Delete files after execution
        Tor=False        # Tor Netwoek 
        
# Details of this vulnerable

1: check()
        
        rhosts={target_host} # Target host
        rports={target_port} # Target port
        
  https://github.com/TakenoSite/Simple-CVE-2021-36260