Home / os / winnt

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Privilege Escalation

Posted on 19 March 2021

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers from a privilege escalation vulnerability. The non-privileged default user (user:user123) can elevate his/her privileges by sending a HTTP GET request to the configuration export endpoint and disclose the admin password. Once authenticated as admin, an attacker will be granted access to the additional and privileged pages.

 

TOP

Malware :

Exploits :