Skip to content
/ CVE-2022-36553-PoC Public

PoC Script for CVE-2022-36553: Exploits an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS device.

neroteam.com/blog/hytec-inter-hwl-2511-ss-vulnerability-report
6 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0xNslabs/CVE-2022-36553-PoC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
HWL-2511-SS.py
HWL-2511-SS.py
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2022-36553 - Hytec Inter HWL-2511-SS Unauthenticated Remote Command Injection.

Overview

This repository contains a Proof of Concept (PoC) reverse shell script for exploiting CVE-2022-36553, a critical vulnerability in Hytec Inter HWL-2511-SS devices. The script is a practical demonstration, complementing the in-depth analysis provided in my blog post "Hytec Inter HWL-2511-SS - Vulnerability Report."

Affected versions

All Hytec Inter HWL-2511-SS devices from version 1.05 and under.

PoC Script Usage

# Usage: python HWL-2511-SS.py --RHOST <Target-IP> --RPORT <Target-Port> --LHOST <Local-IP> --LPORT <Local-Port>
# Example: python HWL-2511-SS.py --RHOST 192.168.1.1 --RPORT 443 --LHOST 192.168.1.100 --LPORT 4444

Video Proof of Concept

Script PoC CVE-2022-26134

Hytec Inter HWL-2511-SS Unauthenticated Remote Command Injection

Note

FOR EDUCATIONAL PURPOSE ONLY.

About

PoC Script for CVE-2022-36553: Exploits an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS device.

neroteam.com/blog/hytec-inter-hwl-2511-ss-vulnerability-report

Topics

reverse-shell exploit vulnerability iot-security ethical-hacking command-injection cve-2022-36553

Resources

Readme
Activity
Custom properties

Stars

6 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages