From Sven@21:1/5 to All on Fri Mar 19 18:05:10 2021
2021/03/19 16:52:26 GMT
Description: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 is susceptible to an
unauthenticated configuration disclosure when direct object reference is made to the
export_settings.cgi file using an HTTP GET request. This will enable the attacker to
disclose sensitive information and help her in authentication bypass, privilege escalation and full system access.