Unauthenticated OS command injection in AVTECH IP camera brightness function (CVE-2024-7029)

This repository contains a Python proof-of-concept exploit for CVE-2024-7029, a remote code execution vulnerability in AvTech devices. The main file, GenAvTechRCEExploit.py, provides functionality to scan single or multiple targets for the vulnerability and, if found, allows the attacker to execute arbitrary shell commands via an interactive shell. The exploit works by sending a crafted POST request to the /cgi-bin/supervisor/Factory.cgi endpoint on the target device, injecting shell commands through the 'brightness' parameter. The tool supports multithreaded scanning of targets listed in a file and provides user-friendly output. The README.md offers detailed usage instructions in both English and Russian. No hardcoded IPs or domains are present; the tool is designed for user-supplied targets. The exploit is a standalone script and does not belong to any exploitation framework.

This repository contains a single Python exploit script (CVE-2024-7029.py) and a minimal README. The exploit targets AvTech devices vulnerable to CVE-2024-7029, a remote code execution (RCE) flaw in the /cgi-bin/supervisor/Factory.cgi endpoint. The script allows an attacker to check if a target is vulnerable and, if so, provides an interactive shell-like interface to execute arbitrary commands on the device. It supports both single-target and multi-target (file-based) scanning, with optional threading for efficiency. The exploit works by sending a specially crafted POST request to the vulnerable endpoint, injecting shell commands via the 'brightness' parameter. The code is a proof-of-concept (POC) and does not include advanced features such as payload customization or post-exploitation modules. The only fingerprintable endpoint is the Factory.cgi path, which is typical for AvTech devices. The repository is straightforward, with the main exploit logic contained in a single Python file.

This repository contains a C# (.NET 8) Proof-of-Concept exploit for CVE-2024-7029, a critical authentication bypass and remote code execution vulnerability in AVTech devices. The main code is in Program.cs, which provides a console interface for the user to specify a target URL or a file containing multiple targets. The exploit works by sending a crafted HTTP POST request to the endpoint '/cgi-bin/supervisor/Factory.cgi' on the target device, injecting arbitrary shell commands via the 'brightness' parameter. If the target is vulnerable, the tool provides an interactive shell, allowing the user to execute further commands remotely and view their output. The repository includes standard .NET project and solution files, as well as documentation in both English and Farsi. No external dependencies or frameworks are used. The exploit is operational and can be used to confirm and leverage the vulnerability on affected AVTech devices.