Directory Traversal Vulnerabilities on Huawei E585 Device

CVE-2012-5969 · MEDIUM Severity

AV:A/AC:L/AU:N/C:P/I:P/A:N

Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATH_INFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the req_page parameter to en/sms.cgi.

Learn more about our Web Application Penetration Testing UK.