Lucene search
Jakub Palaczynski1337DAY-ID-29221HistoryDec 14, 2017 - 12:00 a.m.
Meinberg LANTIME Web Configuration Utility 6.16.008 Authentication Bypass Vulnerability
2017-12-1400:00:00
Jakub Palaczynski
0day.today
23
0.016 Low
EPSS
Percentile
87.6%
Exploit for cgi platform in category web applications
Title: Meinberg LANTIME Web Configuration Utility - Failure to Restrict URL
Access
Author: Jakub Palaczynski
CVE: CVE-2017-16787
Exploit tested on:
==================
Meinberg LANTIME Web Configuration Utility 6.16.008
Vulnerability affects:
======================
All LTOS6 firmware releases before 6.24.004
Vulnerability:
**************
Failure to Restrict URL Access:
===============================
Any user is able to read all files stored outside cgi-bin directory without
authentication. This way it is possible to download firmware, statistics or
diagnostics files that are stored in upload directory.
# 0day.today [2018-04-12] #Related
packetstorm
packetstorm
Meinberg LANTIME Web Configuration Utility 6.16.008 Arbitrary File Read
2017-12-13 00:00:00
Meinberg LANTIME Web Configuration Utility 6.16.008 Authentication Bypass
2017-12-13 00:00:00
prion
prion
Design/Logic Flaw
2017-12-15 18:29:00
zdt
zdt
nessus
nessus
Meinberg Multiple Vulnerabilities in LANTIME Products (CVE-2017-16787)
2024-05-02 00:00:00
cvelist
cvelist
CVE-2017-16787
2017-12-15 18:00:00
nvd
nvd
CVE-2017-16787
2017-12-15 18:29:00
cve
cve
CVE-2017-16787
2017-12-15 18:29:00
exploitpack
exploitpack
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read
2017-12-13 00:00:00
exploitdb
exploitdb
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read
2017-12-13 00:00:00