SkullSec

CVE-2020-13886

LFI - Intelbras TIP 200 / TIP 200 LITE / TIP 300 Firmware version 60.61.75.15 / 65.61.75.22

PoC:

Description:

> Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22
> devices allow cgi-bin/cgiServer.exx?page=..%2F Directory Traversal.
>
> ------------------------------------------
>
> [Vulnerability Type]
> Directory Traversal
>
> ------------------------------------------
>
> [Vendor of Product]
> Intelbras
>
> ------------------------------------------
>
> [Affected Product Code Base]
> TIP 300 - 65.61.75.22
> TIP 200/200 LITE - 60.61.75.15
>
> ------------------------------------------
>
> [Affected Component]
> CGI file parameter
> EX: /cgi-bin/cgiServer.exx?page= LFI ENCODED
>
> ------------------------------------------
>
> [Attack Type]
> Local
>
> ------------------------------------------
>
> [Impact Code execution]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> http://host/cgi-bin/cgiServer.exx?page=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
>
> ------------------------------------------
>
> [Discoverer]
> Lucas Souza
>
> ------------------------------------------
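
A detection sketch for the request pattern in the advisory, added here as an example and not part of the original report or of any vendor tooling. It assumes a front-end proxy or capture that writes combined-format access log lines; the sample log lines and the `status.htm` page name are constructed.

```python
import re
from urllib.parse import urlsplit, unquote

# CGI path named in the advisory, compared case-insensitively.
CGI_PATH = "/cgi-bin/cgiserver.exx"
# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=5):
    """Percent-decode until the value stops changing, so nested encoding is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(page_value):
    """True if the decoded page value is absolute or contains a '..' path segment."""
    decoded = fully_decode(page_value).replace("\\", "/")
    return decoded.startswith("/") or ".." in decoded.split("/")

def flag_requests(log_lines):
    """Return (line_number, raw page value) for suspicious cgiServer.exx requests."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if url.path.lower() != CGI_PATH:
            continue
        # Split the query by hand so the raw, still-encoded value is reported.
        for pair in url.query.split("&"):
            name, _, raw = pair.partition("=")
            if name == "page" and is_traversal(raw):
                hits.append((number, raw))
    return hits

# Constructed sample log lines (not taken from a real device).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jun/2020:10:00:00 +0000] "GET /cgi-bin/cgiServer.exx?page=status.htm HTTP/1.1" 200 512',
    '192.0.2.44 - - [01/Jun/2020:10:00:05 +0000] "GET /cgi-bin/cgiServer.exx?page=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1024',
    '192.0.2.10 - - [01/Jun/2020:10:00:12 +0000] "GET /index.htm?page=..%2Fx HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for number, raw in flag_requests(SAMPLE_LOG):
        print(f"line {number}: suspicious page value {raw!r}")
```

A hit with a 200 status and a response size that differs from normal page loads is worth prioritising during triage.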