Vulnerability Details CVE-2015-7254
Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.23
EPSS Ranking 95.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.huawei.com/en/psirt/security-advisories/hw-462908
- http://www.kb.cert.org/vuls/id/438928
- http://www.securityfocus.com/bid/77506
- http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm
- https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py
- https://www.exploit-db.com/exploits/45991/
- http://www.huawei.com/en/psirt/security-advisories/hw-462908
- http://www.kb.cert.org/vuls/id/438928
- http://www.securityfocus.com/bid/77506
- http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm
- https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py
- https://www.exploit-db.com/exploits/45991/