← back
CVE-2009-2258

CVE-2009-2258

EPSS 6.7%
Directory traversal vulnerability in cgi-bin/webcm in the administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to list arbitrary directories via a .. (dot dot) in the nextpage parameter.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/8963unverifiedexploitdbwww.exploit-db.com/exploits/8963unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://securitytracker.com/id?1022404http://www.exploit-db.com/exploits/8963http://www.securityfocus.com/archive/1/504312/100/0/threadedhttp://www.tomneaves.co.uk/Netgear_DG632_Authentication_Bypass.txt