CVE-2004-2749 Information

Description

Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway possibly as used in HomePortal and other product lines allows remote attackers to read arbitrary files via a .. (dot dot) in the return parameter. NOTE: this issue was reported as XSS but this might be a terminology error.

Reference

http://archives.neohapsis.com/archives/bugtraq/2004-01/0179.html http://secunia.com/advisories/10666 http://securitytracker.com/id?1008798 http://www.osvdb.org/3683 http://www.securityfocus.com/bid/9463 https://exchange.xforce.ibmcloud.com/vulnerabilities/14894