CVE-2011-4716

Dream-multimedia-tv Dreambox Dm800 HD SE Firmware - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter.

Exploits (3)

exploitdb WRITEUP VERIFIED

by Todor Donev · textwebappshardware

https://www.exploit-db.com/exploits/36286

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by ShellVision · textremotehardware

https://www.exploit-db.com/exploits/17422

View Code ZIP pw:eip

exploitdb WORKING POC

by Todor Donev · perlremotehardware

https://www.exploit-db.com/exploits/18079

View Code ZIP pw:eip

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/50520

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/18079

Scores

EPSS 0.0254

EPSS Percentile 85.5%

Details

CWE

CWE-22

Status published

Products (6)

dream-multimedia-tv/dreambox_dm800_hd_pvr

dream-multimedia-tv/dreambox_dm800_hd_pvr_firmware 1.5 rc1

dream-multimedia-tv/dreambox_dm800_hd_pvr_firmware 1.6 rc3

dream-multimedia-tv/dreambox_dm800_hd_se

dream-multimedia-tv/dreambox_dm800_hd_se_firmware 1.5 rc1

dream-multimedia-tv/dreambox_dm800_hd_se_firmware < 1.6

Published Dec 08, 2011

Tracked Since Feb 18, 2026