Directory Traversal Vulnerability in D-Link DSL-G604T Wireless ADSL Router Modem
CVE-2006-2337

Currently unrated

Key Information:

Vendor: D-link
Status: Dsl-g604t
Vendor: CVE Published:; 12 May 2006

What is CVE-2006-2337?

A directory traversal vulnerability exists in the web configuration management interface (webcm) of the D-Link DSL-G604T Wireless ADSL Router Modem. This flaw allows remote attackers to exploit the getpage parameter to bypass access controls, enabling unauthorized access to sensitive files on the device's filesystem by manipulating the absolute path. This type of vulnerability can potentially lead to information disclosure, posing significant risks to the device and the network to which it is connected. Users are advised to update their firmware and implement stringent security measures to mitigate the risks associated with this vulnerability.

References

http://www.securityfocus.com/archive/1/489009/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.gnucitizen.org/projects/router-hacking-challenge/

x_refsource_MISC

http://securitytracker.com/id?1016038

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2006
Vulnerability Reserved
May 11, 2006

D-link

What is CVE-2006-2337?

References

Timeline