Last active
October 1, 2025 21:27
-
-
Save geraldog/2d07fdedbbb79d822e9df4b75f882a63 to your computer and use it in GitHub Desktop.
Revisions
-
geraldog revised this gist
Aug 27, 2025 . 1 changed file with 15 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,18 @@ ## Correction Notice: CVE-2025-50753 Exploit Method **Important:** The CVE description incorrectly omits the required newline character. The correct command argument to gain root access on Mitrastar GPT-2741 GNAC-N2 devices is: "\n/bin/sh" *Note:* The quotes and the leading newline meta-character are essential tor the exploit to succeed. --- Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell. This is called the "support" user and the credential to log in is a sticker on the router as -
Aug 27, 2025 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,6 @@ Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell. This is called the "support" user and the credential to log in is a sticker on the router as provided by Vivo (Telefonica Brasil) on their Vivo Fibra offer. The command "deviceinfo show file" is supposed to be used from -
Aug 6, 2025 . 1 changed file with 8 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,9 @@ Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell. This is called the "support" user and the credential to log in is a sticker on the modem as provided by Vivo (Telefonica Brasil) on their Vivo Fibra offer. The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing "\n/bin/sh" (quotes included, note the newline special character) to the argument of this command will drop a root shell. -
Aug 5, 2025 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,3 @@ Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell. This is called the "support" user and the credential to log in is a sticker on the modem as provided by Vivo (Telefonica Brasil) on their Vivo Fibra offer. The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing "\n/bin/sh" (quotes included, note the newline special character) to the argument of this command will drop a root shell.