3 matches found
CVE-2022-4982
DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers frame.html and frame.A100.html that accept a path parameter content or sidebar which is not properly validated or canonicalized. An attacker c...
CVE-2022-4982
DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers frame.html and frame.A100.html that accept a path parameter content or sidebar which is not properly validated or canonicalized. An attacker c...
CVE-2022-4982
CVE-2022-4982 affects DBLTek GoIP-1 firmware up to GHSFVT-1.1-67-5. The web server exposes handlers frame.html and frame.A100.html that accept the path parameters content or sidebar, which are not properly validated or canonicalized. An attacker can supply directory-traversal sequences to cause t...