CVE-2015-7250

2015-12-3002:00:00

certcc

www.cve.org

8.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.8%

JSON

Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.

References

www.securityfocus.com/bid/77421

www.exploit-db.com/exploits/38773/

www.kb.cert.org/vuls/id/391604

www.kb.cert.org/vuls/id/BLUU-9ZDJWA