XPost: alt.hackers.malicious
2021/03/19 16:53:54 GMT
Description: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers from a
privilege escalation vulnerability. The non-privileged default user (user:user123) can
elevate his/her privileges by sending a HTTP GET request to the configuration export
endpoint and disclose the admin password. Once authenticated as admin, an attacker will
be granted access to the additional and privileged pages.
https://packetstormsecurity.com/files/161891/ZSL-2021-5645.txt
Source: Packet Storm Security
-- Sven Exploits
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)