XPost: alt.hackers.malicious
2021/03/19 16:52:26 GMT
Description: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 is susceptible to an
unauthenticated configuration disclosure when direct object reference is made to the
export_settings.cgi file using an HTTP GET request. This will enable the attacker to
disclose sensitive information and help her in authentication bypass, privilege escalation and full system access.
https://packetstormsecurity.com/files/161890/ZSL-2021-5644.txt
Source: Packet Storm Security
-- Sven Exploits
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)