CVE-2009-2258

Currently unrated

Key Information:

Vendor: Netgear
Status: Dg632 Firmware; Dg632
Vendor: CVE Published:; 30 June 2009

Summary

Directory traversal vulnerability in cgi-bin/webcm in the administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to list arbitrary directories via a .. (dot dot) in the nextpage parameter.

References

http://www.tomneaves.co.uk/Netgear_DG632_Authentication_B...

x_refsource_MISC

http://www.securityfocus.com/archive/1/504312/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.exploit-db.com/exploits/8963

exploitx_refsource_EXPLOIT-DB

Timeline

Vulnerability published
Jun 30, 2009
Vulnerability Reserved
Jun 29, 2009