Sensitive Information Disclosure Vulnerability Description

Vendor Of The Product: Phicomm K2G

Affected Products and Firmware version: Phicomm K2G v22.6.3.20

Vulnerability: Sensitive Information Disclosure Vulnerability

Vulnerability description: In the device program code of Phicomm Intelligent Router K2G (Firmware Version v22.6.3.20), the root password is not encrypted and stored in the shadow file, and the hash value of the root password can be directly obtained, and the root plaintext password can be directly obtained after collision. At the same time, the admin account password in the web background is stored in clear text in the system file, and the admin password can be directly obtained.

Vulnerability Analysis

After analyzing the unpacked files of the binwalk, it is found that there are etc/shadow

Untitled

root:$1$uLTx5N3s$2I0B6vbPf.gvEUK/Oro2f1:0:0:99999:7:::

Crack the root password is: 333620

Untitled

The weblogin account password is stored in the system file in clear text, and the web account

Untitled

password can be directly obtained. Base64 Decode to Get plaintext Password: Aa123456

Untitled