Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 allows remote attackers to read arbitrary files via a /./. (modified dot dot) sequences in the getpage parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Im-204_adsl_router | Inca | * | * |
References
- http://secunia.com/advisories/22557
- http://securityreason.com/securityalert/1796
- http://www.securityfocus.com/archive/1/449504/100/0/threaded
- http://www.securityfocus.com/bid/20696/info
- http://www.vupen.com/english/advisories/2006/4223
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29815
- http://secunia.com/advisories/22557
- http://securityreason.com/securityalert/1796
- http://www.securityfocus.com/archive/1/449504/100/0/threaded
- http://www.securityfocus.com/bid/20696/info
- http://www.vupen.com/english/advisories/2006/4223
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29815