# Exploit Title: Genexis Platinum-4410 2.1 - Authentication Bypass  
# Date: 20220-01-08  
# Exploit Author: Husinul Sanub  
# Author Contact:  
# Vulnerable Product: Genexis Platinum-4410 v2.1 Home Gateway Router  
# Firmware version: P4410-V2–1.28  
# Vendor Homepage:  
# Reference:  
# CVE: CVE-2020-6170  
Vulnerability Details  
Genexis Platinum-4410 v2.1 Home Gateway Router discloses passwords of each users(Admin,GENEXIS,user3) in plain text behind login page source “". This could potentially allow a remote attacker access sensitive information and perform actions such as reset router, changing passwords, upload malicious firmware etc.  
How to reproduce  
Suppose is the router IP and check view page source of login page “",There we can found passwords for each login accounts in clear text.