FiberHome Router Directory Traversal Vulnerability

FiberHome routers are a router from FiberHome, a Chinese company. A directory traversal vulnerability exists in /cgi-bin/webproc in FiberHome routers. An attacker can exploit this vulnerability to obtain files on the router...

Directory traversal

On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value...

CVE-2017-15647

FiberHome routers are affected by CVE-2017-15647, a local file inclusion (LFI) in /cgi-bin/webproc via the getpage parameter when coupled with a crafted var:page value. The Nuclei template confirms an LFI vector affecting FiberHome devices, enabling an attacker to read sensitive router files and ...

FiberHome - Directory Traversal

Vulnerability Summary The following advisory describes a directory traversal vulnerability found in FiberHome routers. FiberHome Technologies Group “was established in 1974. After continuous and intensive development for over 40 years, its business has been extended to R&D, manufacturing, marketi...

NETGEAR JNR1010 ADSL Router - (Authenticated) Remote File Disclosure

NETGEAR JNR1010 ADSL Router - Authenticated Remote File Disclosure !/bin/sh NETGEAR ADSL ROUTER JNR1010 1.0.0.16 Authenticated Remote File Disclosure Hardware Version: JNR1010 Firmware Version: 1.0.0.16 GUI Language Version: 1.0.0.16 Copyright 2016 c Todor Donev https://www.ethical-hacker.org/...

MOVISTAR BHS_RTA ADSL Router - Remote File Disclosure

!/bin/sh MOVISTAR ADSL ROUTER BHSRTA BHSRTAC0019 Remote File Disclosure Vendor: OBSERVA Model: BHSRTA Software: BHSRTACO019 Firmware: 09/08/2012-10:23:25 Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Disclaimer: This or previous programs is...

D-Link DSL-2730U/2750U/2750E ADSL Router - Remote File Disclosure

!/bin/sh D-Link ADSL ROUTER DSL-2730U IN1.02 Remote File Disclosure Modem Name: DSL-2730U/DSL-2750E Time and Date: 2012-05-23 09:51:16 HardwareVersion: U1 Firmware Version: IN1.02/SEA1.04/SEA1.07 Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackeror...

PLC Wireless Router GPN2.4P21-C-CN - Arbitrary File Disclosure

Exploit Title: PLC Wireless Router GPN2.4P21-C-CN Authorised Arbitrary File Disclosure Date: 28/08/2016 Exploit Author: Rahul Raz Affected Model : GPN2.4P21-C-CNFrimware- W2001EN-00 Vendor: ChinaMobile Tested on: Ubuntu Linux GET...

CVE-2015-7248

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability than CVE-2015-8703...

ZTE ZXHN H108N R1A webproc cgi模块跨站脚本漏洞

No description provided by source...

Belkin Router N150 1.00.08, 1.00.09 - Path Traversal Vulnerability

Exploit for hardware platform in category web applications Title: Path Traversal Vulnerability Product: Belkin Router N150 Author: Rahul Pratap Singh Website: https://0x62626262.wordpress.com Contact: Linkedin: https://in.linkedin.com/in/rahulpratapsingh94 Twitter: @0x62626262 Vendor Homepage:...

Dlink DSL-2750u and DSL-2730u - Authenticated Local File Disclosure Vulnerability

Exploit for hardware platform in category web applications + Author: SATHISH ARTHAR + Exploit Title: Dlink Wireless Router Password File Access Exploit Local File Inclusion + Date: 07-07-2015 + Platform: Hardware + Tested on: linux + Vendor: http://www.dlink.co.in + Product web page:...

D-Link 2750u / 2730u Local File Disclosure Vulnerability

D-Link 2750u and 2730u suffer from a local file disclosure vulnerability. + Author: SATHISH ARTHAR + Exploit Title: Dlink Wireless Router Password File Access Exploit Local File Inclusion + Date: 07-07-2015 + Platform: Hardware + Tested on: linux + Vendor: http://www.dlink.co.in + Product web pag...

Beacon（Fiberhome）HG-1 1 0 device directory traversal vulnerability study-vulnerability warning-the black bar safety net

Know Chong Yu security research group 2 0 1 5 . 0 3 . 3 1 This article PDF Download: fiberhome HG-1 1 0 device recorded traversal vulnerability study 1. Updates Edition: first edition Time: 2015 / 3 / 31 Description: The first edition of the complete 2. Vulnerability summary Recently, foreign...

Operators issued a large number of routers to contain high-risk vulnerabilities, most of the“problem router”IP in China-vulnerability warning-the black bar safety net

! According to statistics, the global operators to the General Public of Internet users has issued at least 7 0 million ADSL Router, but unfortunately, these routers exist high-risk vulnerabilities, and thus is likely to cause large-scale router attacks. It is worth mentioning that most of...

Netgear WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access

Netgear Wireless Router WNR500 Parameter Traversal Arbitrary File Access Exploit Vendor: NETGEAR Product web page: http://www.netgear.com Affected version: WNR500 firmware: 1.0.7.2 Summary: The NETGEAR compact N150 classic wireless router WNR500 improves your legacy Wireless-G network. It is a...

Netgear Wireless Router WNR500 Local File Inclusion Vulnerability

The Netgear Wireless Router WNR500 suffers from an authenticated file inclusion vulnerability LFI when input passed thru the 'getpage' parameter to 'webproc' script is not properly verified before being used to include files. This can be exploited to include files from local resources with...

Path traversal

Absolute path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter...

CVE-2014-2962

The Belkin N150 router (F9K1009, v1) contains a path traversal flaw in the webproc CGI module. The getpage parameter accepts an unrestricted file path, and the web server runs with root privileges, enabling an unauthenticated attacker on the LAN to read arbitrary files. Affected firmwares are bef...