exploit-labs/huawei_hg255s_exploit

🚀 Server Directory Traversal at Huawei HG255s ☄️ - CVE-2017-17309 🚀

Server Directory Traversal at Huawei HG255s - CVE-2017-17309

Letter of Thanks

Exploit Title: [Server Directory Traversal at Huawei HG255s]

Exploit Author: [Ismail Tasdelen]

CVE : CVE-2017-17309

Vendor Homepage: [www.huawei.com]

Software Link: [Not published this modem just used by Turkey]

Version: [V100R001C163B025SP02]

Finding Vulnerabilities and Approved Exploits

• Server Directory Traversal at Huawei HG255s - 1

• Server Directory Traversal at Huawei HG255s - 2

• Server Directory Traversal at Huawei HG255s - 3

References :

• https://www.vulnerability-lab.com/get_content.php?id=2099
• https://www.vulnerability-lab.com/get_content.php?id=2100
• https://cxsecurity.com/issue/WLB-2017120035
• https://hackertor.com/2017/12/06/huawei-hg255s-server-directory-traversal/
• https://www.exploit-database.net/?id=94806
• https://github.com/ismailtasdelen/huawei_hg255s_exploit
• http://www.huawei.com/en/psirt/security-notices/huawei-sn-20170911-01-hg255s-en
• https://nvd.nist.gov/vuln/detail/CVE-2017-17309
• https://www.cvedetails.com/cve/CVE-2017-17309/
• https://vuldb.com/?id.119545
• https://vulners.com/cve/CVE-2017-17309
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17309