CVE-2017-12930
Published 2017-09-21
Priority: P268 · critical 9.8 · CVSS 3.0
Exploit available
EPSS: 3.10% (86.1th percentile)
SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web interface as administrator via a crafted password.
Detection & IOCs (extracted from sources)
- Detect SQL injection authentication bypass attempts against the admin login: look for the classic tautology payload in the password field.
- Use the Google dork 'DlxSpot - Player4' to identify exposed instances of the vulnerable admin interface on the internet.
- Alert on SSH login attempts using the hardcoded credentials (username: dlxuser, password: tecn0visi0n) against DLX Spot devices, as these are valid for all known versions.
- The SQL injection affects only versions above 1.5.10 of DLX Spot Player4; the hardcoded SSH backdoor (CVE-2017-12928) affects all known versions.
- The hardcoded root SSH password 'tecn0visi0n' applies to all known DLX Spot Player versions, not just those above 1.5.10.
- The same password 'tecn0visi0n' used for the dlxuser SSH account can also be used to escalate to root on the device.
CVSS provenance
- NVD, CVSS v3.0: 9.8 CRITICAL (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
- NVD, CVSS v2.0: 7.5 HIGH (AV:N/AC:L/Au:N/C:P/I:P/A:P)
No detection rules found.
Exploit-DB: Tecnovision DLX Spot - Authentication Bypass
exploitdb · 2017-05-19 · CVSS 9.8 · CVE-2017-12930 [CRITICAL]
---
# Exploit Title: DlxSpot - Player4 LED video wall - Admin Interface SQL Injection
# Google Dork: "DlxSpot - Player4"
# Date: 2017-05-14
# Discoverer: Simon Brannstrom
# Authors Website: https://unknownpwn.github.io/
# Vendor Homepage: http://www.tecnovision.com/
# Software Link: n/a
# Version: >1.5.10
# Tested on: Linux
# About: DlxSpot is the software controlling Tecnovision LED Video Walls all over the world; they are used in football arenas, concert halls, shopping malls, as roadsigns etc.
# CVE: CVE-2017-12930
# Linked CVEs: CVE-2017-12928, CVE-2017-12929
# Visit my github page at https://github.com/unknownpwn/unknownpwn.github.io/blob/master/README.md for complete takeover of the box, from SQLi to full root access.
#################
Exploit-DB: Tecnovision DLX Spot - Arbitrary File Upload
exploitdb · 2017-05-19 · CVSS 9.8 · CVE-2017-12929 [CRITICAL]
---
# Exploit Title: DlxSpot - Player4 LED video wall - Arbitrary File Upload to RCE
# Google Dork: "DlxSpot - Player4"
# Date: 2017-05-14
# Discoverer: Simon Brannstrom
# Authors Website: https://unknownpwn.github.io/
# Vendor Homepage: http://www.tecnovision.com/
# Software Link: n/a
# Version: >1.5.10
# Tested on: Linux
# About: DlxSpot is the software controlling Tecnovision LED Video Walls all over the world; they are used in football arenas, concert halls, shopping malls, as roadsigns etc.
# CVE: CVE-2017-12929
# Linked CVEs: CVE-2017-12928, CVE-2017-12930.
# Visit my github page at https://github.com/unknownpwn/unknownpwn.github.io/blob/master/README.md for complete takeover of the box, from SQLi to root access.
######################
Exploit-DB: Tecnovision DLX Spot - SSH Backdoor Access
exploitdb · 2017-05-19 · CVSS 9.8 · CVE-2017-12930 [CRITICAL]
---
# Exploit Title: DlxSpot - Player4 LED video wall - Hardcoded Root SSH Password.
# Google Dork: "DlxSpot - Player4"
# Date: 2017-05-14
# Discoverer: Simon Brannstrom
# Authors Website: https://unknownpwn.github.io/
# Vendor Homepage: http://www.tecnovision.com/
# Software Link: n/a
# Version: All known versions
# Tested on: Linux
# About: DlxSpot is the software controlling Tecnovision LED Video Walls all over the world; they are used in football arenas, concert halls, shopping malls, as roadsigns etc.
# CVE: CVE-2017-12928
# Linked CVEs: CVE-2017-12929, CVE-2017-12930
# Visit my github page at https://github.com/unknownpwn/unknownpwn.github.io/blob/master/README.md for complete takeover of the box, from SQLi to root access.
##############
No writeups or analysis indexed.