CVE-2015-7250

Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.

Date published : 2015-12-29

http://www.securityfocus.com/bid/77421

https://www.kb.cert.org/vuls/id/391604