Описание
Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) in the return parameter. NOTE: this issue was reported as XSS, but this might be a terminology error.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:2wire:homeportal:100s:*:*:*:*:*:*:*
cpe:2.3:a:2wire:homeportal:100w:*:*:*:*:*:*:*
cpe:2.3:a:2wire:homeportal:1000:*:*:*:*:*:*:*
cpe:2.3:a:2wire:homeportal:1000s:*:*:*:*:*:*:*
cpe:2.3:a:2wire:homeportal:1000sw:*:*:*:*:*:*:*
cpe:2.3:a:2wire:homeportal:1000w:*:*:*:*:*:*:*
cpe:2.3:a:2wire:homeportal:1500w:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00532
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) in the return parameter. NOTE: this issue was reported as XSS, but this might be a terminology error.
EPSS
Процентиль: 67%
0.00532
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-22