Vordel Gateway 6.0.3 - Directory Traversal

EDB-ID:

35799

CVE:

N/A




Platform:

Linux

Date:

2011-05-25


source: https://www.securityfocus.com/bid/47975/info

Vordel Gateway is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.

Vordel Gateway 6.0.3 is vulnerable; other versions may also be affected. 

http://www.example.com:8090/manager/..%2f..%2f..%2f..%2f..%2f..%2fetc%2fshadow