CVE-2016-1525
Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter.
Date published : 2016-02-12
http://www.securityfocus.com/archive/1/537446/100/0/threaded