Vulnerability Details CVE-2017-11456
Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.082
EPSS Ranking 91.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2017-11456
-
cpe:2.3:h:geneko:gwr202_gprs_router:-
-
cpe:2.3:h:geneko:gwr252_edge_router:-
-
cpe:2.3:h:geneko:gwr352_3g_router:-
-
cpe:2.3:h:geneko:gwr352wv_wide_voltage_3g_router:-
-
cpe:2.3:o:geneko:gwr202_gprs_router_firmware:-
-
cpe:2.3:o:geneko:gwr252_edge_router_firmware:-
-
cpe:2.3:o:geneko:gwr352_3g_router_firmware:-
-
cpe:2.3:o:geneko:gwr352wv_wide_voltage_3g_router_firmware:-