Absolute Path Traversal Vulnerability in Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29

Absolute Path Traversal Vulnerability in Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29

CVE-2018-9010 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin account with its default admin password.

Learn more about our Cis Benchmark Audit For Server Software.