header-logo
Suggest Exploit
vendor:
Vordel Gateway
by:
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: Vordel Gateway
Affected Version From: 6.0.3
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Vordel Gateway Directory Traversal Vulnerability

Vordel Gateway is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.

Mitigation:

Apply the necessary updates or patches provided by the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/47975/info

Vordel Gateway is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer.

Vordel Gateway 6.0.3 is vulnerable; other versions may also be affected. 

http://www.example.com:8090/manager/..%2f..%2f..%2f..%2f..%2f..%2fetc%2fshadow