Zyxel Armor X1 WAP6806 – Directory Traversal

Exploit Database
128 阅读

作者： Rajivarnan R

日期： 2020-07-15
类别：
- webapps
平台：
- hardware
来源：https://www.exploit-db.com/exploits/48669/

# Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal
# Date: 2020-06-19
# Exploit Author: Rajivarnan R
# Vendor Homepage: https://www.zyxel.com/
# Software [http://www.zyxelguard.com/WAP6806.asp]
# Version: [V1.00(ABAL.6)C0]
# CVE: 2020-14461
# Tested on: Linux Mint / Windows 10
# Vulnerabilities Discovered Date : 2020/06/19 [YYYY/MM/DD]

# As a result of the research, one vulnerability identified. 
# (Directory Traversal)
# Technical information is provided below step by step.

# [1] - Directory Traversal Vulnerability

# Vulnerable Parameter Type: GET
# Vulnerable Parameter: TARGET/Zyxel/images/eaZy/]

# Proof of Concepts:https://TARGET/Zyxel/images/eaZy/
<https://target/Zyxel/images/eaZy/>

last Exploits
Zyxel Armor X1 WAP6806 – Directory Traversal的更多信息

Park Ticketing Management System 1.0 – ‘viewid’ SQL Injection：
JBMC Software DirectAdmin 1.403 – ‘domain’ Cross-Site Scripting：
SCO Openserver 5.0.7 – ‘outputform’ Command Injection：
e107 0.7.x – ‘/e107_admin/banner.php’ SQL Injection：
GPS Tracking System 2.12 – ‘username’ SQL Injection：
Advanced Comment System 1.0 – ‘ACS_path’ Path Traversal：
phpLDAPadmin 1.2.2 – ‘server_id’ LDAP Injection (Username)：
Cisco Firepower Threat Management Console 6.0.1 – Remote Command Execution：