NuytsTech Security

CVE-2007-0357

by ·

Directory traversal vulnerability in the AVM IGD CTRL Service in Fritz!DSL 02.02.29 allows remote attackers to read arbitrary files via ..%5C (URL-encoded dot dot backslash) sequences in a URI requested from the AR7 webserver.

Date published : 2007-01-18

http://www.securityfocus.com/bid/22093

http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051844.html

Tags: