Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-27328 PoC — Yeastar NeoGate TG400 路径遍历漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E6%9C%97%E8%A7%86%20TG400%20GSM%20%E7%BD%91%E5%85%B3%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86%20CVE-2021-27328.md
Associated Vulnerability
Title:Yeastar NeoGate TG400 路径遍历漏洞 (CVE-2021-27328)
Description:Yeastar Yeastar NeoGate TG400是西班牙Yeastar公司的一个应用软件。提供为电信经销商提供了一个平台,可通过其全方位的功能,可伸缩性和UC功能轻松启动托管的PBX业务。 Yeastar NeoGate TG400 中存在路径遍历漏洞。该漏洞源于产品未能正确地过滤资源或文件路径中的特殊元素,经过身份验证的用户可以解密固件,并可以读取敏感信息,如密码或解密密钥。以下产品及版本受到影响:Yeastar NeoGate TG400 91.3.0.3。
File Snapshot

 # 朗视 TG400 GSM 网关目录遍历 CVE-2021-27328

## 漏洞描述

朗视 TG400 GSM 网关存在目录遍历 ,攻击者可以通过漏洞获取敏感信息

参考阅读:

- http

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.