Hack w/ Linksys AX6000 (MR9600 V2)
DO NOT BUY IT!!
You cannot install OpenWRT on it and its firmware is highly customized.
TL; DR;
- BACKUP, BACKUP and BACKUP
- Downgrade firmware to 2.0.3 (link is listed below)
- Exploit CVE-2022-24372
- Create a revershell CGI in
/var/config/cache
- Trigger revershell by access
http://ip:port/cache/reverse.cgi
- Post-exploit: Upgrade firmware, Entware & more