Directory Traversal Vulnerability in Geneko GWR Routers Allows Unauthenticated Access to Configuration File

CVE-2017-11456 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Geneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file.

Learn more about our Web Application Penetration Testing UK.