Directory Traversal Vulnerability in ZXR10 1800-2S (before v3.00.40) Allows Unauthorized File Downloads and Information Leaks

Directory Traversal Vulnerability in ZXR10 1800-2S (before v3.00.40) Allows Unauthorized File Downloads and Information Leaks

CVE-2017-10931 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration.

Learn more about our Web App Pen Testing.