Vordel Gateway 6.0.3 – Directory Traversal

• Exploit Database
• 14 阅读

• 作者： Brian W. Gary
  日期： 2011-05-25
• 类别：

  • remote
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/35799/

• source: https://www.securityfocus.com/bid/47975/info
  
  Vordel Gateway is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
  
  A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.
  
  Vordel Gateway 6.0.3 is vulnerable; other versions may also be affected. 
  
  http://www.example.com:8090/manager/..%2f..%2f..%2f..%2f..%2f..%2fetc%2fshadow