cve/2015/CVE-2015-7245.md

CVE-2015-7245

Description

Directory traversal vulnerability in D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 allows remote attackers to read sensitive information via a .. (dot dot) in the errorpage parameter.

POC

Reference

• http://packetstormsecurity.com/files/135590/D-Link-DVG-N5402SP-Path-Traversal-Information-Disclosure.html
• https://www.exploit-db.com/exploits/39409/

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/ARPSyndicate/kenzer-templates