Thursday, November 4, 2021

Plastic SCM - WebAdmin Server Access

# Exploit Title: Plastic SCM - WebAdmin Server Access
# Shodan Dork: title:"Plastic SCM"
# Date: 18.10.2021
# Exploit Author: Basavaraj Banakar
# Vendor Homepage:
# Software Link:
# Version: Plastic SCM <
# Tested on: Chrome,Firefox,Edge
# CVE : CVE-2021-41382

# Reference:

# Exploit:

1. Navigate to [This holds administrator login console]

2. Change URL to [Here able to set new password for the adminstrator user]

3. Now after changing password of administrator and login to console and Navigate to and set an new password for any of the users

4. Now navigate to and login with the recently changed password for user i.e is in step 3

Copyright © 2021 Vulnerability Database | Cyber Details™

thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore