| Title | Draytek Vigor 2960v1.5.1.4 has arbitrary file read vulnerability in function sub_1DF14, file mainfunction.cgi |
|---|---|
| Description | Draytek Vigor 2960v1.5.1.4, the latest version, has an arbitrary file read vulnerability in function sub_1DF14, file mainfunction.cgi. It doesn’t filter the var option, so we can use /../ to bypass the limit of string /tmp, like /tmp/../etc/password, to read arbitrary files. You can see more details in the link: https://github.com/xxy1126/Vuln/blob/main/Draytek/1.md |
| Source | ⚠️ https://github.com/xxy1126/Vuln/blob/main/Draytek/1.md |
| User | Tmotfl (UID 41304) |
| Submitted | 2023-02-18 13:54 (3 years ago) |
| Moderated | 2023-02-24 11:31 (6 days later) |
| Status | Accepted |
| VulDB entry | 221742 [DrayTek Vigor 2960 1.5.1.4/1.5.1.5 Web Management Interface mainfunction.cgi sub_1DF14 option directory traversal] |
| Points | 19 |