Skip to content

nonamecoder/CVE-2023-22906

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
audio files
audio files
 
 
html-report
html-report
 
 
logs
logs
 
 
CVE_2023_22906.pdf
CVE_2023_22906.pdf
 
 
Qubo_Scanner.py
Qubo_Scanner.py
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2023-22906

CVE-2023-22906 is a critical vulnerability that affects the Hero Qubo Smart Doorbell device running version HCD01_02_V1.38_20220125. This particular device allows Telnet access with root privileges by default, without requiring a password. This vulnerability poses a significant security risk as it can lead to unauthorized access, compromising user privacy, exposing sensitive information stored on the device and also potentially enabling the compromised device to be utilized as a cog within a botnet's malicious activities.

Research Paper

Proof of Concept Videos

Shell Access

Shell.mp4

Rickroll Chime

Rickroll.Chime.mp4

About

Proof of Concept for CVE-2023-22906

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22906

Topics

iot security vulnerability-research

Resources

Readme
Activity

Stars

7 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages