exploitDog

GHSA-fvr2-9cvw-2qwx

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.

Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.

Ссылки

EPSS

Процентиль: 95%

0.20201

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2015-7250

CVSS3: 7.5

nvd

около 10 лет назад

Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.

EPSS

Процентиль: 95%

0.20201

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-22