Skip to content
/ fwbt Public

Proof of Concept code for interaction with Firewalla via Bluetooth Low-Energy and exploitation of CVE-2024-40892 / CVE-2024-40893

6 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

xen0bit/fwbt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
pkg
pkg
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

fwbt

Writeup: https://www.labs.greynoise.io/grimoire/2024-08-20-bluuid-firewalla/

Proof of Concept code for interaction with Firewalla via Bluetooth Low-Energy and exploitation of CVE-2024-40892 / CVE-2024-40893

Without any configuration it will scan for Firewalla's in local proximity and leak the checksum of the License UUID.

If License UUID is obtained, it can be defined at var myLicense = "" in main.go at which point:

  1. A local backup of the device configuration will be made.
  2. If the device configuration is already backed up:
  3. Generate root SSH credentials (CVE-2024-40892)
  4. Exploit 3 command injection vulnerabilites (CVE-2024-40893)

About

Proof of Concept code for interaction with Firewalla via Bluetooth Low-Energy and exploitation of CVE-2024-40892 / CVE-2024-40893

Resources

Readme
Activity

Stars

6 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages