5 matches found
Yeastar TG400 GSM Gateway 91.3.0.3 Path Traversal Vulnerability
Path Traversal on Yeastar TG400 GSM Gateway - 91.3.0.3 This is a Proof of Concept for CVE-2021-27328 Example to get firmware decrypting password http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../bin/firmwaredetect to get /etc/paswd...
Yeastar TG400 GSM Gateway 91.3.0.3 Path Traversal
Path Traversal on Yeastar TG400 GSM Gateway - 91.3.0.3 This is a Proof of Concept for CVE-2021-27328 Example to get firmware decrypting password http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../bin/firmwaredetect to get /etc/paswd...
Arbitrary Command Injection Over HTTP Traffic (CVE-2020-19165; CVE-2020-24219; CVE-2020-28477; CVE-2021-26747; CVE-2021-27328)
Arbitrary Command Injection Over HTTP Traffic...
CVE-2021-27328
The CVE-2021-27328 entry affects Yeastar NeoGate TG400 91.3.0.3 and is confirmed via multiple connected sources as a Directory Traversal vulnerability. An authenticated user can traverse paths to decrypt firmware and read sensitive files (e.g., firmware password/decryption key). Public PoCs and d...
Exploit for Path Traversal in Yeastar Neogate_Tg400_Firmware
Path Traversal on Yeastar TG400 GSM Gateway - 91.3.0.3 Thi...