Full title: Netgear Wireless Router WNR500 Local File Inclusion Vulnerability 
Category: web applications
Platform: hardware
The Netgear Wireless Router WNR500 suffers from an authenticated file inclusion vulnerability (LFI) when input passed thru the 'getpage' parameter to 'webproc' script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks.

# 0day.today @ http://0day.today/