Share
## https://sploitus.com/exploit?id=PACKETSTORM:163077
# Exploit Title: Solar-Log 500 2.8.2 - Incorrect Access Control  
# Google Dork: In Shodan search engine, the filter is ""Server: IPC@CHIP""  
# Date: 2021-06-11  
# Exploit Author: Luca.Chiou  
# Vendor Homepage: https://www.solar-log.com/en/  
# Software Link: Firmware for Solar-Log https://www.solar-log.com/en/support/firmware/  
# Version: Solar-Log 500 all versions prior to 2.8.2 Build 52 - 23.04.2013  
# Tested on: It is a proprietary devices: https://www.solar-log.com/en/support/firmware/  
  
# 1. Description:  
# The web administration server for Solar-Log 500 all versions prior to 2.8.2 Build 52 does not require authentication,  
# which allows arbitrary remote attackers to gain administrative privileges by connecting to the server.  
# As a result, the attacker can modify configuration files and change the system status.  
  
# 2. Proof of Concept:  
# Access the /lan.html of Solar-Log 500 without ANY authentication,  
# and you can get gain administrative privileges to modify configuration files and change the system status.  
# http://<Your Modem IP>/lan.html