A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted HTTP packet.
CPE | Name | Operator | Version |
---|---|---|---|
rax35_firmware | lt | 1.0.4.102 | |
rax38_firmware | lt | 1.0.4.102 | |
rax40_firmware | lt | 1.0.4.102 |