Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

TamronOS IPTV/VOD - Remote Command Execution

By kannthu

Vidoc logoVidoc Module

What is the "TamronOS IPTV/VOD - Remote Command Execution?"

The "TamronOS IPTV/VOD - Remote Command Execution" module is designed to detect a critical remote command execution vulnerability in the TamronOS IPTV/VOD software. This module is used to identify instances where an attacker can execute arbitrary commands on the target system.


If successfully exploited, this vulnerability allows an attacker to execute arbitrary commands on the target system. This can lead to unauthorized access, data theft, and potential compromise of the entire system.

How the module works?

The module sends a GET request to the target system with specific parameters. For example:


The module then applies matching conditions to the response to determine if the vulnerability is present. The matching conditions include:

- Regex: The response is checked for the presence of the string "root:.*:0:0:" using regular expressions. - Status: The response status code is checked to ensure it is 200.

If both matching conditions are met, the module reports the vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
regex: root:.*:0:0:and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability