Zyxel Armor X1 WAP6806 - Directory Traversal

vendor:

Armor X1 WAP6806

by:

Rajivarnan R

4.3

CVSS

MEDIUM

Directory Traversal

CWE

Product Name: Armor X1 WAP6806

Affected Version From: V1.00(ABAL.6)C0

Affected Version To: V1.00(ABAL.6)C0

Patch Exists: NO

Related CWE: 2020-14461

CPE: h:zyxel:armor_x1_wap6806

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Linux Mint, Windows 10

2020

Zyxel Armor X1 WAP6806 – Directory Traversal

As a result of the research, one vulnerability identified. (Directory Traversal) Technical information is provided below step by step. Vulnerable Parameter Type: GET Vulnerable Parameter: TARGET/Zyxel/images/eaZy/ Proof of Concepts:https://TARGET/Zyxel/images/eaZy/ <https://target/Zyxel/images/eaZy/>

Mitigation:

Ensure that the application is not vulnerable to directory traversal attacks by validating user input and restricting access to sensitive files and directories.

Source

Exploit-DB raw data:

# Exploit Title: Zyxel Armor X1 WAP6806 - Directory Traversal
# Date: 2020-06-19
# Exploit Author: Rajivarnan R
# Vendor Homepage: https://www.zyxel.com/
# Software [http://www.zyxelguard.com/WAP6806.asp]
# Version: [V1.00(ABAL.6)C0]
# CVE: 2020-14461
# Tested on: Linux Mint / Windows 10
# Vulnerabilities Discovered Date : 2020/06/19 [YYYY/MM/DD]

# As a result of the research, one vulnerability identified. 
# (Directory Traversal)
# Technical information is provided below step by step.

# [1] - Directory Traversal Vulnerability

# Vulnerable Parameter Type: GET
# Vulnerable Parameter: TARGET/Zyxel/images/eaZy/]

# Proof of Concepts:https://TARGET/Zyxel/images/eaZy/
<https://target/Zyxel/images/eaZy/>