## Telecom system /manager/teletext/material/upload.php fileupload vulnerability

|   **Vulnerability**  | **Telecom system /manager/teletext/material/upload.php fileupload vulnerability**  |
| :----:   | :-----|
| **Chinese name**  | 电信网关配置管理系统后台 /manager/teletext/material/upload.php 文件上传漏洞 |
| **CVSS core**  | 9.8 |
| **FOFA Query**  (click to view the results directly)| [body="img/login_bg3.png" && body="系统登录"](https://fofa.info/result?qbase64=Ym9keT0iaW1nL2xvZ2luX2JnMy5wbmciICYmIGJvZHk9Iuezu%2Be7n%2BeZu%2BW9lSI%3D) |
| **Number of assets affected**  | 856 |
| **Description**  | China Telecom Group Co., Ltd. (English name \"China Telecom\", referred to as \"China Telecom\") was established in September 2000. It is a large state-owned telecommunications company in China and a global partner of the Shanghai World Expo. There is a file upload vulnerability in the background of the telecom gateway configuration management system. An attacker can exploit this vulnerability to obtain a device shell.|
| **Impact** | China Telecom Group Co., Ltd. (English name \"China Telecom\", referred to as \"China Telecom\") was established in September 2000. It is a large state-owned telecommunications company in China and a global partner of the Shanghai World Expo. There is a file upload vulnerability in the background of the telecom gateway configuration management system. An attacker can exploit this vulnerability to obtain a device shell. |

![](https://s3.bmp.ovh/imgs/2023/06/21/dd91a5dac2dab90d.gif)