Authored by icekam, Rainbow, tfsec, xiao13

Compro Technology IP Camera suffers from a denial of service vulnerability.

advisories | CVE-2021-40378

# Exploit Title: Compro Technology IP Camera - 'killps.cgi' Denial-of-Service (DoS)
# Date: 2021-09-30
# Exploit Author: icekam,xiao13,Rainbow,tfsec
# Software Link:
# Version: Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, TN540
# CVE : CVE-2021-40378

There is a backdoor prefabricated in the device in this path. Accessing the
file through the browser after logging in will cause the device to delete
all data (including the data of the camera itself).

Payload:Visit this page after logging in

please refer to: