A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication.
CPE | Name | Operator | Version |
---|---|---|---|
vd_1_firmware | le | 230 | |
gv-vd8700_firmware | le | 1.01 | |
gv-vr360_firmware | le | 1.10 |