CVE-2015-7254 Information

Description

Directory traversal vulnerability on Huawei HG532e HG532n and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI.

Reference

http://www.huawei.com/en/psirt/security-advisories/hw-462908 http://www.kb.cert.org/vuls/id/438928 http://www.securityfocus.com/bid/77506 http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-462908.htm https://github.com/0xAdrian/scripts/blob/master/2015_7254_exploit.py https://www.exploit-db.com/exploits/45991/