Directory traversal vulnerability in download.cgi in EZFactory KDDI Download CGI 1.x allows remote attackers to read and download arbitrary files via a .. (dot dot) in the name parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Ezfactory_download_cgi |
Kddi |
1.0 |
1.0 |
References