Exploitation Summary
EIP tracks 1 public exploit for CVE-2021-27328. PoCs published by SQSamir.
AI-analyzed exploit summary This PoC demonstrates a path traversal vulnerability in Yeastar TG400 GSM Gateway version 91.3.0.3, allowing unauthorized access to sensitive files like /etc/passwd and firmware decryption passwords.
Description
Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key.
Exploits (1)
nomisec
WORKING POC
by SQSamir · poc
https://github.com/SQSamir/CVE-2021-27328
This PoC demonstrates a path traversal vulnerability in Yeastar TG400 GSM Gateway version 91.3.0.3, allowing unauthorized access to sensitive files like /etc/passwd and firmware decryption passwords.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Yeastar TG400 GSM Gateway 91.3.0.3
No auth needed
Prerequisites:
Network access to the target device
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
http://yeastar.com
Exploit, Third Party Advisory x_refsource_misc
https://github.com/SQSamir/CVE-2021-27328
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/161560/Yeastar-TG400-GSM-Gateway-91.3.0.3-Path-Traversal.html
Scores
CVSS v3
6.5
EPSS
0.0900
EPSS Percentile
94.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
yeastar/neogate_tg400_firmware
91.3.0.3
Published
Feb 19, 2021
Tracked Since
Feb 18, 2026