.. / CVE-2018-14916

Exploit for Loytec LGATE-902 <6.4.2 - Local File Inclusion (CVE-2018-14916)

Description:

Loytec LGATE-902 versions prior to 6.4.2 suffers from a local file inclusion vulnerability.

Nuclei Template

View the template here CVE-2018-14916.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2018/CVE-2018-14916.yaml

References:

https://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html
https://seclists.org/fulldisclosure/2019/Apr/12
https://github.com/ARPSyndicate/kenzer-templates
https://nvd.nist.gov/vuln/detail/CVE-2018-14916
http://packetstormsecurity.com/files/152453/Loytec-LGATE-902-XSS-Traversal-File-Deletion.html