I was quite surprised to come across this funny CVE, as it was the most bizarre one I had seen so far. This particular CVE was related to Raspberry Pi and the author used default credentials of raspberry OS (user: pi, password: raspberry) as a vulnerability. They connected to the raspberry pi over SSH protocol using the Python module paramiko, which is used to interact with SSH protocol in Python, but this could have been done just as easily with an SSH tool by itself.
It seems obvious that this type of vulnerability should not be awarded a CVE, as it is far too commonplace to be considered a serious security risk.
However, I asked my self can I even use this code for something useful. I mean, I was thinking where I can use it to squiz the most from it. I decided that I will do the following. I used this code to deliver payload (cmd/unix/reverse_bash) on each Raspbery Pi in my local network, so I obtained shell in Metasploit. After you have shell you can do everything you want. For example you can install crypto miners. I know that one or few raspberrys can’t mine a lot, but if ..
Support the originator by clicking the read the rest link below.
){kind=link}