Packet Storm

exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

DiCal-RED 4009 Path Traversal: Posted Aug 23, 2024; Authored by Sebastian Hamann | Site syss.de; DiCal-RED version 4009 has an administrative web interface that is vulnerable to path traversal attacks in several places. The functions to download or display log files can be used to access arbitrary files on the device's file system. The upload function for new license files can be used to write files anywhere on the device's file system - possibly overwriting important system configuration files, binaries or scripts. Replacing files that are executed during system operation results in a full compromise of the whole device.; tags | exploit, web, arbitrary; advisories | CVE-2024-36442; SHA-256 | 7c7db8db22b8d44815d0c4d1894bb2b5c72cd299da13c7d7e62d1b7f68ee685e; Download | Favorite | View

Related Files

No related files

Top Authors In Last 30 Days

Red Hat 278 files
indoushka 113 files
Ubuntu 89 files
Gentoo 32 files
Debian 21 files
LiquidWorm 19 files
Google Security Research 8 files
malvuln 5 files
Seth Jenkins 3 files
Emiliano Febbi 3 files

File Tags

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,144)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,634)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,102)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,937)
UNIX (9,469)
UnixWare (188)
Windows (6,784)
Other

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec