Описание
Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. (dot dot) in the errorpage parameter.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:d-link:dvg-n5402sp_firmware:w1000cn-00:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dvg-n5402sp_firmware:w1000cn-03:*:*:*:*:*:*:*
cpe:2.3:o:d-link:dvg-n5402sp_firmware:w2000en-00:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dvg-n5402sp:-:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.87413
Высокий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. (dot dot) in the errorpage parameter.
EPSS
Процентиль: 99%
0.87413
Высокий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-22