An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.
https://drive.google.com/drive/folders/1avIfk1MZNmNQYePE1_n4irC24daxCeBA
http://packetstormsecurity.com/files/166674/Telesquare-TLR-2855KS6-Arbitrary-File-Creation.html